DeFiFoundry
20,000 USDC
Submission Details
Severity: high
Invalid

Manipulation of Token Prices in Auction Through Unbidding

Summary:

The auction system is exposed to price manipulation because the highest bidder is free to unbid. A bidder can deliberately inflate the token price during the auction and then withdraw their bids shortly before it ends, which collapses the effective token price and lets them acquire tokens at a far lower cost than the price other participants saw.

Attack Path:

  1. Inflation of Bid Amounts:

    • A wealthy bidder (referred to as the "rich bidder") places a large number of fjordpoints into the auction, causing the token price to increase substantially. For example, with a large bid, the exchange rate might become 100 fjordpoints = 1 fjordtoken.

  2. Deterrence of Other Bidders:

    • Due to the high token price per fjordpoint, other potential bidders are discouraged from participating in the auction.

  3. Strategic Unbidding:

    • The rich bidder waits until the auction is nearing its end and then withdraws (unbids) a portion or all of their initial bids. This action decreases the total bid amount in the auction and improves the effective token price ratio.

  4. Re-Bidding at a Lower Price:

    • With the reduced bid amount, the token price ratio adjusts to a more favorable rate, such as 0.1 fjordpoints = 1 fjordtoken or even less.

  5. Acquisition of Tokens at a Reduced Price:

    • When the auction ends, the rich bidder can claim a disproportionate number of tokens at the significantly lowered price, effectively manipulating the auction outcome in their favor.

Impact:

  • Token Price Manipulation:
    The ability to unbid allows the highest bidder to manipulate the price of the auction tokens, resulting in an unfair advantage and potentially significant financial gain at the expense of other participants.

  • Market Integrity:
    This vulnerability undermines the fairness and integrity of the auction process, leading to potential loss of trust from participants and undermining the credibility of the auction platform.

Tools used

Manual code review.

Recommendations:

To mitigate this vulnerability and prevent manipulation, consider implementing the following changes:

  1. Track the Highest Bidder:

    • Introduce variables to track the highest bid amount and the corresponding highest bidder. This ensures that the system can identify who is leading the auction.

```solidity
uint256 highestBid;
address highestBidder;

function bid(uint256 amount) external {
    if (block.timestamp > auctionEndTime) {
        revert AuctionAlreadyEnded();
    }
    bids[msg.sender] = bids[msg.sender].add(amount);
    totalBids = totalBids.add(amount);
    // Compare the bidder's cumulative position rather than this single deposit,
    // so a bidder who builds the largest position over several bids is still the leader.
    if (bids[msg.sender] > highestBid) {
        highestBid = bids[msg.sender];
        highestBidder = msg.sender;
    }
    fjordPoints.transferFrom(msg.sender, address(this), amount);
    emit BidAdded(msg.sender, amount);
}
```

  2. Restrict Unbidding for the Highest Bidder:

    • Prevent the highest bidder from unbidding their bids to ensure that they cannot exploit the system by manipulating the bid amounts.

```solidity
error HighestBidderCannotUnbid();

function unbid(uint256 amount) external {
    if (block.timestamp > auctionEndTime) {
        revert AuctionAlreadyEnded();
    }
    // The current leader cannot withdraw, so the position that set the price
    // other bidders reacted to stays in the auction until it ends.
    if (msg.sender == highestBidder) {
        revert HighestBidderCannotUnbid();
    }
    uint256 userBids = bids[msg.sender];
    if (userBids == 0) {
        revert NoBidsToWithdraw();
    }
    if (amount > userBids) {
        revert InvalidUnbidAmount();
    }
    bids[msg.sender] = bids[msg.sender].sub(amount);
    totalBids = totalBids.sub(amount);
    fjordPoints.transfer(msg.sender, amount);
    emit BidWithdrawn(msg.sender, amount);
}
```

By implementing these recommendations, the auction system will be better protected against price manipulation and will maintain a fair and equitable environment for all participants.
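To show what the guard changes in the accounting, here is an added Python model of the auction (example code, not the Fjord contract): the pro-rata claim formula, the 1,000-token supply and the bid sizes are assumptions, and the contract's end-time checks are left out.

```python
from dataclasses import dataclass, field

class AuctionError(Exception):
    pass  # stands in for the contract's custom revert errors

@dataclass
class Auction:
    """Pro-rata points auction (assumed accounting, not the project's code)."""
    total_tokens: int
    guarded: bool = True            # apply the highest-bidder unbid restriction
    bids: dict = field(default_factory=dict)
    total_bids: int = 0
    highest_bid: int = 0
    highest_bidder: str = ""

    def bid(self, who: str, amount: int) -> None:
        self.bids[who] = self.bids.get(who, 0) + amount
        self.total_bids += amount
        # Track the leader by cumulative position, as in the recommendation.
        if self.bids[who] > self.highest_bid:
            self.highest_bid, self.highest_bidder = self.bids[who], who

    def unbid(self, who: str, amount: int) -> None:
        if self.guarded and who == self.highest_bidder:
            raise AuctionError("HighestBidderCannotUnbid")
        user = self.bids.get(who, 0)
        if amount > user:               # also covers a bidder with no bids
            raise AuctionError("InvalidUnbidAmount")
        self.bids[who] = user - amount
        self.total_bids -= amount

    def price(self) -> float:
        return self.total_bids / self.total_tokens   # points paid per token

    def claimable(self, who: str) -> int:
        # Final allocation: the bidder's share of total_bids, in tokens.
        return self.bids.get(who, 0) * self.total_tokens // self.total_bids

def demo() -> dict:
    """Run the page's scenario (constructed numbers) with and without the guard."""
    out = {}
    for guarded in (False, True):
        a = Auction(total_tokens=1_000, guarded=guarded)
        a.bid("rich", 100_000)        # 100 points per token: deters other bidders
        a.bid("small", 100)
        try:
            a.unbid("rich", 99_900)   # late withdrawal just before the auction ends
            out[guarded] = ("unbid ok", a.price(), a.claimable("rich"))
        except AuctionError as e:
            out[guarded] = (str(e), a.price(), a.claimable("rich"))
    return out
```

Without the guard the leader ends up paying 0.2 points per token for half the supply; with it the withdrawal reverts and the price stays where the other participants saw it.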

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice
