Off-by-one error in MarketOrder::checkPendingOrder
Vulnerability Details
In the MarketOrder.sol contract, the checkPendingOrder() function is responsible for determining whether a pending market order can be modified or cancelled.
The function implements a check to ensure that a minimum lifetime has passed before an order can be modified. However, the current implementation contains a logical error in this check:
The issue lies in the comparison block.timestamp - self.timestamp <= marketOrderMinLifetime. This condition block an order to be modified when the minimum lifetime is reached, when block.timestamp - self.timestamp == marketOrderMinLifetime. This is inconsistent with the intended behavior of allowing an order to be modified or cancelled at the exact minimum lifetime.
Impact
Incorrect implementation of intended behavior.
Proof of Concept
A market order is placed at time T.
The
marketOrderMinLifetimeis set to 10 seconds.At exactly T + 10 seconds, a request to modify or cancel the order is made.
The
checkPendingOrder()function block the modification.
Recommendations
To fix this issue, modify the condition in the checkPendingOrder() function to use a strict inequality:
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.