No token recover mechanism when the DaiGoldAuction ends without any bid
Summary
When DaiGoldAuction ends without any bid, TGLD tokens will be stuck in the DaiGoldAuction contract. The recoverToken function can not help with this case because it will revert because the auction is ended.
This might look similar to the "No token recover mechanism when the auction ends without any bid" issue from the Cyfrin audit report, but that one focuses on SpiceAuction contract, not DaiGoldAuction. Furthermore, the implemented fix in the report does not cover the issue in DaiGoldAuction contract.
Vulnerability Details
The total claimable TGLD tokens for each round is stored in the variable epochs[auction roundId].totalAuctionTokenAmount.
Normally when the auction has ended, bidders will call claim function to claim a portion of this "epochs[auction roundId].totalAuctionTokenAmount" TGLD tokens. Each bidder portion is based on their bidded DAI token amount.
However, if no bid occurs in that auction round, the TGLD tokens of that round will be stuck.
The recoverToken function can not be used to recover these tokens. Since it restricts calling when the auction has ended.
Impact
The auction tokens can be stuck in the contract and can’t be recovered.
Tools Used
manual audit
Recommendations
I recommend implementing a mechanism to recover the stuck token in "epochs[roundId of ended auction without bidder].totalAuctionTokenAmount".
Lead Judging Commences
Auctioned tokens cannot be recovered for epochs with empty bids in DaiGoldAuction
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.