DeFiFoundry
20,000 USDC
Submission Details
Severity: medium
Invalid

totalTokens are not validated in createAuction Function

Summary

The createAuction function in the AuctionFactory contract does not validate the totalTokens parameter. As a result, an auction can be created with zero tokens, which may lead to unintended behavior or misuse of the auction system.

Vulnerability Details

In the createAuction function, the totalTokens parameter is not checked to be greater than zero. An auction contract can therefore be deployed with a token amount of zero, and the subsequent transferFrom of zero tokens succeeds without moving any funds. Although not directly harmful, an auction with zero tokens serves no purpose and can cause confusion or unintended behavior elsewhere in the auction system.

Function Code:

function createAuction(
    address auctionToken,
    uint256 biddingTime,
    uint256 totalTokens,
    bytes32 salt
) external onlyOwner {
    address auctionAddress = address(
        new FjordAuction{ salt: salt }(fjordPoints, auctionToken, biddingTime, totalTokens)
    );
    // Transfer the auction tokens from the msg.sender to the new auction contract
    IERC20(auctionToken).transferFrom(msg.sender, auctionAddress, totalTokens);
    emit AuctionCreated(auctionAddress);
}

Impact

The lack of validation for the totalTokens parameter can lead to the following impacts:

  • Misconfigured Auctions: Auctions with zero tokens might be created, producing configurations that serve no practical purpose and might confuse users.

  • Potential Exploits: While the direct impact is minimal, other contract functions or dependent systems that assume a positive token amount could behave unexpectedly, or be exploited, if a zero amount is handled incorrectly.

Tools Used

Manual Code Review: The issue was identified through a thorough examination of the smart contract's logic and parameter usage.

Recommendations

To address this issue, add a validation check that reverts the transaction when totalTokens is zero. Here is the recommended modification:

// Custom error to be declared in the factory contract: error InvalidAmount();
function createAuction(
    address auctionToken,
    uint256 biddingTime,
    uint256 totalTokens,
    bytes32 salt
) external onlyOwner returns (address auctionAddress) {
    if (totalTokens == 0) revert InvalidAmount(); // <== added validation
    auctionAddress = address(
        new FjordAuction{ salt: salt }(fjordPoints, auctionToken, biddingTime, totalTokens)
    );
    // Transfer the auction tokens from the msg.sender to the new auction contract
    IERC20(auctionToken).transferFrom(msg.sender, auctionAddress, totalTokens);
    emit AuctionCreated(auctionAddress);
}

This change ensures that only valid auctions with a positive number of tokens can be created, thus maintaining the integrity of the auction system.
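The following Foundry test is an added example and is not code from the submission or from the Fjord project. It uses constructed, hypothetical contracts (MockToken, SimpleAuction, SimpleAuctionFactory) that reduce the factory to the parts relevant to the check, and it assumes forge-std is available. The first test shows that the zero-amount call is rejected with the custom error; the second shows that a positive amount still deploys the auction and funds it.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Minimal ERC20 mock (constructed for this example): only the calls the factory needs.
contract MockToken {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external returns (bool) {
        // Note: a zero-amount transfer passes both checks and moves nothing,
        // which is why the factory must reject totalTokens == 0 itself.
        require(allowance[from][msg.sender] >= amount, "allowance");
        require(balanceOf[from] >= amount, "balance");
        allowance[from][msg.sender] -= amount;
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

// Simplified stand-in for the auction contract (hypothetical, not FjordAuction).
contract SimpleAuction {
    address public immutable auctionToken;
    uint256 public immutable biddingEnd;
    uint256 public immutable totalTokens;

    constructor(address token, uint256 biddingTime, uint256 amount) {
        auctionToken = token;
        biddingEnd = block.timestamp + biddingTime;
        totalTokens = amount;
    }
}

// Hypothetical factory carrying the recommended validation.
contract SimpleAuctionFactory {
    error InvalidAmount();
    event AuctionCreated(address indexed auction);

    address public immutable owner;

    constructor() { owner = msg.sender; }

    function createAuction(address token, uint256 biddingTime, uint256 totalTokens, bytes32 salt)
        external
        returns (address auctionAddress)
    {
        require(msg.sender == owner, "not owner");
        if (totalTokens == 0) revert InvalidAmount(); // the recommended check
        auctionAddress = address(new SimpleAuction{salt: salt}(token, biddingTime, totalTokens));
        bool ok = MockToken(token).transferFrom(msg.sender, auctionAddress, totalTokens);
        require(ok, "transfer failed");
        emit AuctionCreated(auctionAddress);
    }
}

contract CreateAuctionTest is Test {
    MockToken token;
    SimpleAuctionFactory factory;

    function setUp() public {
        token = new MockToken();
        factory = new SimpleAuctionFactory(); // this test contract is the owner
    }

    function test_RevertsOnZeroTokens() public {
        vm.expectRevert(SimpleAuctionFactory.InvalidAmount.selector);
        factory.createAuction(address(token), 1 days, 0, bytes32(0));
    }

    function test_CreatesAndFundsAuction() public {
        uint256 amount = 1e18;
        token.mint(address(this), amount);
        token.approve(address(factory), amount);
        address auction = factory.createAuction(address(token), 1 days, amount, bytes32(0));
        assertEq(token.balanceOf(auction), amount);
        assertEq(SimpleAuction(auction).totalTokens(), amount);
    }
}
```

Run with `forge test` in a Foundry project. Placing the check in the factory is what the report recommends; the same `totalTokens == 0` guard in the auction's own constructor would additionally cover any path that deploys an auction without going through the factory.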

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
