0 bid DaiGoldAuctions have their TGLD tokens stuck forever
Summary
At the start of an DaiGoldAuction a fresh amount of TGLD tokens is distributed to the auction. In case of a finished auction with 0 bids, those tokens remain frozen inside and cannot be recovered.
Vulnerability Details
Scenario
1) DaiGoldAuction is started:
2) No one has bidded during the time the auction was active: 0 bids
3) The auction ends
4) The TGLD tokens remain frozen and cannot be recovered. The stuck TGLD tokens cannot be used as a reward for the next auction also
Trying to recover the tokens via DaiGoldAuction.recoverToken() will also not work, it will revert, because the auction has ended.
Code snippet: https://github.com/Cyfrin/2024-07-templegold/blob/main/protocol/contracts/templegold/DaiGoldAuction.sol#L260-L279
Impact
Finished DaiGoldAuctions with 0 bids cannot recover the TGLD tokens. Those tokens remain stuck and cannot be used for the next auctions, neither to be transfered somewhere else.
Tools Used
Manual review
Recommendations
Implement similar mechanism for recovering tokens from 0 bid auctions like in SpiceAuction.recoverAuctionTokenForZeroBidAuction()
Lead Judging Commences
Auctioned tokens cannot be recovered for epochs with empty bids in DaiGoldAuction
Appeal created
Auctioned tokens cannot be recovered for epochs with empty bids in DaiGoldAuction
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.