Tadle
Tadle
DeFiFoundry
27,750 USDC
View results
Previous Next
Submission Details
Severity: low
Valid

Inaccurate representation of used points in relisted offers could lead to financial losses and incorrect states

cheatcode

Summary

In the current implementation of the relistOffer function, when an offer that was partially filled and then canceled is relisted, the usedPoints are not reset. This means that the relisted offer retains the usedPoints from its previous state.

Impact

  1. The relisted offer appears to have less available capacity than it actually does, as the usedPoints from the previous listing are still counted.

  2. Other parts of the contract use usedPoints to calculate available amounts or settle trades, it could lead to incorrect calculations and potentially financial losses for users.

  3. The offer's state becomes inconsistent, as a freshly relisted offer should logically start with zero used points.

Code

https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/PreMarkets.sol#L524

/// @dev update offer status to virgin
offerInfo.offerStatus = OfferStatus.Virgin;
emit RelistOffer(_offer, _msgSender());

Mitigation

Reset the usedPoints to zero when relisting the offer. Here's how we can modify the affected part of the code:

/// @dev update offer status to virgin and reset usedPoints
offerInfo.offerStatus = OfferStatus.Virgin;
offerInfo.usedPoints = 0; // Reset usedPoints to zero
emit RelistOffer(_offer, _msgSender());
Updates

Lead Judging Commences

0xnevi Lead Judge
12 months ago
0xnevi Lead Judge 12 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-PreMarkets-createTaker-Ongoing-Status-Low

Although duplicate of #148, impact mentioned is low severity/invalid, see comments there

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.