Wrong boolean value is being parsed in the calculation of totalDepositAmount in `PreMarkets.sol#abortAskOffer`
Summary
In PreMarkets.sol#abortAskOffer, during the calculation of totalDepositAmount wrong value gets parsed
Vulnerability Details
PreMarkets.sol#abortAskOffer calculates totalDepositAmount by internally calling offerlibraries.sol#getDepositAmount()
it parses false boolean value to getDepositAmount
which as you can see represents whether the caller is from a maker or not and abortaskOffer is a function that can be called only by the maker which makes this value incorrect leading to wrong calculations being done.
This function's output is consumed by a refundAmountCheck
Impact
The incorrect refund amount will be calculated.
Tools Used
Manual review
Recommendations
Lead Judging Commences
finding-PreMarkets-abortAskOffer-isMaker-false
Valid high severity, the `totalDepositAmount` of collateral computed from the amount of point used (posted to transact) should use the same isMaker flag as when computing the original collateral deposited by maker, if not, the amount available for withdrawal during abortion will be overestimated
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.