Tadle

DeFiFoundry

27,750 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

`Takers` can abort their bid even when the market is offline.

OdeWeb3

Summary

According to the protocols invariant, delicate functionalities should not be performed when the market is offline, hence the need for the numerous checks. However, the abortBidTaker is currently susceptible to be broken in a function that currently does'nt implement the check.

*Line of Code
https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/PreMarkets.sol#L536-L644

Description

The PreMarkets.sol::abortBidTaker which is a function called by Only offer owner in order to abort bid taker.
However, this function can be called even when the market is offline which is due to a lack of check that should have been implemented. This makes it possible for users to abuse the system and breaks an invariant.

MakerInfo storage makerInfo = makerInfoMap[offerInfo.maker];

MarketPlaceInfo memory marketPlaceInfo = systemConfig

.getMarketPlaceInfo(makerInfo.marketPlace);

marketPlaceInfo.checkMarketPlaceStatus(

block.timestamp,

MarketPlaceStatus.Online

);

POC

function test_abort_when_market_offline() external {

vm.startPrank(bob);

preMarktes.createOffer(

CreateOfferParams(

marketPlace,

address(mockUSDCToken),

1000,

0.01 * 1e18,

12000,

300,

OfferType.Ask,

OfferSettleType.Protected

)

);

vm.stopPrank();

// vm.startPrank(user1);

// mockUSDCToken.approve(address(tokenManager), type(uint256).max);

address offerAddr = GenerateAddress.generateOfferAddress(0);

address stockAddr = GenerateAddress.generateStockAddress(0);

vm.prank(alice);

preMarktes.createTaker(offerAddr, 500);

vm.prank(bob);

preMarktes.abortAskOffer(stockAddr, offerAddr);

// preMarktes.abortBidTaker(stockAddr, offerAddr);

vm.prank(admin) ;

systemConfig.updateMarketPlaceStatus("Backpack", MarketPlaceStatus.Offline); //@audit

address stock1Addr = GenerateAddress.generateStockAddress(1);

vm.prank(alice);

preMarktes.abortBidTaker(stock1Addr, offerAddr); //@audit `Takers` can abort their bid even the market is offline.

}

Impact

System can be abused while the market is offline and it also breaks the logic of the protocol.

Mitigation

Add the checkMarketPlaceStatus just like it is been done in other similar functions

Updates

Lead Judging Commences

0xnevi Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Assigned finding tags:

[invalid] finding-PreMarkets-abortBidTaker-lack-check-abort

Informational, during emergencies, even if abortions are allowed, withdrawal can be paused and collateral cannot be pulled anyways (`whenNotPaused` modifier within `withdraw()`), so there is no impact here, given funds outflow can be paused.

Appeal created

mansa11 Auditor

over 1 year ago

0xnevi Lead Judge

over 1 year ago

0xnevi Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Assigned finding tags:

[invalid] finding-PreMarkets-abortBidTaker-lack-check-abort

Prize pool breakdown

Total prize

27,750 USDC

nSLOC

1,229

23 USDC / LOC

High Medium

25,000 USDC

Low

2,750 USDC

Judges

2,250 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!