Tadle
Tadle
DeFiFoundry
27,750 USDC
View results
Previous Next
Submission Details
Severity: low
Valid

State not effectively set when trade is done

tinnohofficial

Vulnerability Details

Within the PreMarkes::createTaker function, there is no update in the offerStatus even though clearly the trade has been executed. The OfferInfo struct includes offerStatus which is an enum below;

/**
* ...
* @param Ongoing offer has been listed, and already one trade.
* ...
* @param Filled offer has been filled.
* ...
*/
enum OfferStatus {
Unknown,
Virgin,
Ongoing, // @audit should be updated to this when at least trade has been done
Canceled,
Filled, // @audit should be offer should be updated to Filled when it is completely filled.
Settling,
Settled
}

This makes the offerInfo.offerStatus to remain Virgin even though the offer has been fulfilled as no modifications are done in PreMarkes::createTaker -
https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/PreMarkets.sol#L164

Impact

Offer depicts wrong offerStatus information

Tools Used

Manual Review

Recommendations

Consider updating the offerInfo offerStatus accordingly in respective functions, for example in PreMarkets::createTaker you can update it to either Ongoing or Filled depending on the scenario.

Updates

Lead Judging Commences

0xnevi Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-PreMarkets-createTaker-Ongoing-Status-Low

Although duplicate of #148, impact mentioned is low severity/invalid, see comments there

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.