This report identifies and analyzes a potential vulnerability in the Fjord Auction contract, where a malicious bidder can strategically flood the auction with a large bid to discourage other participants. Subsequently, the bidder can withdraw a significant portion of their bid near the auction's end, manipulating the auction outcome to their advantage.
The bidder places an excessively large bid early in the auction, creating the perception of intense competition. This inflated bid amount can discourage other participants from bidding, as it reduces the potential return (i.e., the number of tokens received per unit of bid).
Then, near the end of the auction, the bidder unbids a significant portion of their bid. This reduction in the total bid amount increases the multiplier, thereby inflating the number of tokens the bidder can claim relative to their final bid.
The strategic bidder gains a disproportionate share of the auctioned tokens, undermining the fairness of the auction process.
Manual analysis
Modify the multiplier calculation to account for the timing and volatility of bids. For instance, apply a time-weighted multiplier that reduces the impact of last-minute bid changes, ensuring that the multiplier reflects a more stable bidding process.
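The effect described in this report, together with one reading of the time-weighted recommendation, as an added Python model (it is not the Fjord Auction contract's code). It assumes tokens are distributed pro rata through an 18-decimal fixed-point multiplier; the scenario numbers, the function names and the choice of `max(final total, time-weighted total)` as denominator are assumptions made for this illustration.

```python
# Added illustration: simplified pro-rata auction model, not the contract's code.
PRECISION = 10**18  # assumed fixed-point scale

def multiplier(total_tokens, total_bids):
    """Tokens per unit of bid, scaled by PRECISION (integer division)."""
    return total_tokens * PRECISION // total_bids

def total_bids_at(events, t):
    """Total bids visible at time t. events: (time, bidder, signed amount)."""
    return sum(delta for ts, _, delta in events if ts <= t)

def final_balances(events):
    balances = {}
    for _, bidder, delta in events:
        balances[bidder] = balances.get(bidder, 0) + delta
    return balances

def time_weighted_total(events, duration):
    """Average of total bids over [0, duration], weighted by time held."""
    area, level, last = 0, 0, 0
    for ts, _, delta in sorted(events):
        area += level * (ts - last)
        level, last = level + delta, ts
    area += level * (duration - last)
    return area // duration

def claims(events, total_tokens, duration, time_weighted=False):
    """Tokens each bidder can claim at auction end."""
    balances = final_balances(events)
    denom = sum(balances.values())          # spot total at the end
    if time_weighted:
        # Hypothetical mitigation: a late unbid cannot shrink the denominator
        # below the average total that bidders saw during the auction.
        denom = max(denom, time_weighted_total(events, duration))
    m = multiplier(total_tokens, denom)
    return {bidder: bal * m // PRECISION for bidder, bal in balances.items()}

# Constructed scenario: 1,000,000 tokens, auction lasting 1000 time units.
TOKENS, DURATION = 1_000_000, 1000
EVENTS = [
    (0, "flooder", 990_000),    # large early bid
    (10, "honest", 10_000),
    (990, "flooder", -980_000), # unbid shortly before the end
]

if __name__ == "__main__":
    mid = multiplier(TOKENS, total_bids_at(EVENTS, 500))
    print("rate shown mid-auction:", mid / PRECISION, "tokens per unit bid")
    print("spot multiplier claims:", claims(EVENTS, TOKENS, DURATION))
    print("time-weighted claims:  ", claims(EVENTS, TOKENS, DURATION, True))
```

With the spot multiplier, the rate observers see for most of the auction (1 token per unit) jumps to 50 tokens per unit after the unbid; with the time-weighted denominator it stays near 1, and the undistributed remainder would need its own handling, which this model leaves out.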