Submission Details
Severity:
In `SpiceAuction::setAuctionConfig` perform checks on calldata before accessing storage
function setAuctionConfig(SpiceAuctionConfig calldata _config) external onlyDAOExecutor {
+ if (_config.duration < MINIMUM_AUCTION_PERIOD
+ || _config.duration > MAXIMUM_AUCTION_DURATION
+ || _config.waitPeriod > MAXIMUM_AUCTION_WAIT_PERIOD) { revert CommonEventsAndErrors.InvalidParam(); }
+ /// @dev startCooldown can be zero
+ if (_config.waitPeriod == 0
+ || _config.minimumDistributedAuctionToken == 0) { revert CommonEventsAndErrors.ExpectedNonZero(); }
+ if (_config.recipient == address(0)) { revert CommonEventsAndErrors.InvalidAddress(); }
/// @dev epoch Id is only updated when auction starts.
/// @dev cannot set config for past or ongoing auction
uint256 currentEpochIdCache = _currentEpochId;
if (currentEpochIdCache > 0) {
EpochInfo storage info = epochs[currentEpochIdCache];
/// Cannot set config for ongoing auction
if (info.isActive()) { revert InvalidConfigOperation(); }
}
- if (_config.duration < MINIMUM_AUCTION_PERIOD
- || _config.duration > MAXIMUM_AUCTION_DURATION
- || _config.waitPeriod > MAXIMUM_AUCTION_WAIT_PERIOD) { revert CommonEventsAndErrors.InvalidParam(); }
- /// @dev startCooldown can be zero
- if (_config.waitPeriod == 0
- || _config.minimumDistributedAuctionToken == 0) { revert CommonEventsAndErrors.ExpectedNonZero(); }
- if (_config.recipient == address(0)) { revert CommonEventsAndErrors.InvalidAddress(); }
currentEpochIdCache += 1;
auctionConfigs[currentEpochIdCache] = _config;
emit AuctionConfigSet(currentEpochIdCache, _config);
}
Prize pool breakdown
Total prize
25,000 USDC
nSLOC
99825 USDC / LOC
20,000 USDC
2,500 USDC
2,500 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.