Disproportionate token distribution due to extreme bid-to-token ratio
Summary
When the total amount of bids (totalBids) is extremely small compared to the total number of tokens being auctioned (totalTokens), the contract's distribution algorithm can lead to severely skewed and unfair token allocations. This issue arises from the method used to calculate the 'multiplier' variable, which determines how many auction tokens each bidder receives per FjordPoint bid.
Vulnerability Details
The vulnerability stems from the following calculation in the auctionEnd() function:
When totalBids is very small, this results in an extremely large multiplier. Subsequently, in the claimTokens() function, this large multiplier is used to calculate each bidder's token allocation:
Here's a practical example:
Consider an auction with the following parameters:
-
totalTokens = 100,000,000 (100 million)
-
PRECISION_18 = 1e18 (1 followed by 18 zeros)
-
totalBids = 1 (just 1 FjordPoint bid in total)
In this scenario:
Multiplier calculation would be:
Now, let's say a user who bid 1 FjordPoint tries to claim their tokens:
In this case, the single bidder would receive all 100 million tokens. This is mathematically correct given the inputs, but it might not be the intended outcome of the auction.
Impact
A user with a very small bid can take all the auction tokens.
Tools Used
Manual review
Recommendations
Implement checks to ensure a more equitable distribution even with very low total bids.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.