Tadle

DeFi
30,000 USDC
Submission Details
Severity: high
Valid


Summary

The settleAskTaker function in DeliveryPlace.sol allows the stock authority to settle an Ask taker, distributing settled point tokens and collateral fees.

Vulnerability Details

The function computes the settled point token amount as the market place's `tokenPerPoint` multiplied by `_settledPoints`, pulls that amount of the point token in from the caller, and then credits a `PointToken` balance to the bid offer's owner (the maker).

```solidity
function settleAskTaker(address _stock, uint256 _settledPoints) external {
    __SNIP__
    uint256 settledPointTokenAmount = marketPlaceInfo.tokenPerPoint *
        _settledPoints;
    ITokenManager tokenManager = tadleFactory.getTokenManager();
    if (settledPointTokenAmount > 0) {
        tokenManager.tillIn(
            _msgSender(),
            marketPlaceInfo.tokenAddress,
            settledPointTokenAmount,
            true
        );
        tokenManager.addTokenBalance(
            TokenBalanceType.PointToken,
            offerInfo.authority,
@>          makerInfo.tokenAddress,
            settledPointTokenAmount
        );
    }
    __SNIP__
}
```

As the highlighted line shows, `tillIn` pulls the point token (`marketPlaceInfo.tokenAddress`) into the protocol, but `addTokenBalance` credits the maker under `makerInfo.tokenAddress`, which is the collateral token. The offer's owner therefore ends up with a claimable collateral token balance rather than the point tokens that were actually deposited.

Impact

This breaks the protocol's accounting: the point tokens pulled in during settlement are never credited to anyone, while a collateral token balance is created that no matching deposit backs.

As a result, the maker cannot receive their point tokens, and the unbacked collateral token balance puts other users' collateral at risk, breaking normal protocol operation.
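To make the accounting mismatch concrete, here is an added model (not Tadle's code; `CapitalPool`, `TokenManager`, the token addresses and the 500-unit collateral deposit are all constructed for this example). It replays one settlement with the balance credited under the collateral token address, as in the report, and once with the point token address, and runs a per-token solvency check that a defender could use to flag the condition: claimable balances for a token must never exceed what the pool holds.

```python
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed placeholder addresses; not Tadle's real token deployments.
POINT_TOKEN = "0xPOINT"        # stands in for marketPlaceInfo.tokenAddress
COLLATERAL_TOKEN = "0xCOLLAT"  # stands in for makerInfo.tokenAddress


@dataclass
class CapitalPool:
    """Hypothetical stand-in for the pool that custodies every token the protocol holds."""
    holdings: dict = field(default_factory=lambda: defaultdict(int))


@dataclass
class TokenManager:
    """Hypothetical model of tillIn / addTokenBalance: pull tokens in, record who may claim what."""
    pool: CapitalPool
    # key mirrors addTokenBalance's arguments: (balance type, user, token address)
    claimable: dict = field(default_factory=lambda: defaultdict(int))

    def till_in(self, payer: str, token: str, amount: int) -> None:
        # Assumes the payer holds and has approved `amount`; the pool's inventory grows.
        self.pool.holdings[token] += amount

    def add_token_balance(self, balance_type: str, user: str, token: str, amount: int) -> None:
        self.claimable[(balance_type, user, token)] += amount

    def unbacked(self) -> dict:
        """Solvency check: per token, how much more is claimable than the pool actually holds."""
        promised = defaultdict(int)
        for (_, _, token), amount in self.claimable.items():
            promised[token] += amount
        return {t: promised[t] - self.pool.holdings[t]
                for t in promised if promised[t] > self.pool.holdings[t]}


def settle_ask_taker(tm: TokenManager, taker: str, maker: str,
                     token_per_point: int, settled_points: int, credit_token: str) -> int:
    """Mirror of the settlement path: point tokens are pulled from the taker,
    then a PointToken balance is credited to the maker under `credit_token`."""
    settled_point_token_amount = token_per_point * settled_points
    if settled_point_token_amount > 0:
        tm.till_in(taker, POINT_TOKEN, settled_point_token_amount)
        tm.add_token_balance("PointToken", maker, credit_token, settled_point_token_amount)
    return settled_point_token_amount


def run_settlement(use_point_token_address: bool) -> TokenManager:
    """Replay one settlement against a pool that already custodies other users' collateral."""
    tm = TokenManager(CapitalPool())
    tm.pool.holdings[COLLATERAL_TOKEN] = 500  # constructed: deposits belonging to other users
    credit_token = POINT_TOKEN if use_point_token_address else COLLATERAL_TOKEN
    settle_ask_taker(tm, "taker", "maker", token_per_point=10, settled_points=100,
                     credit_token=credit_token)
    return tm


if __name__ == "__main__":
    for fixed in (False, True):
        tm = run_settlement(fixed)
        print("fixed" if fixed else "buggy", dict(tm.claimable), "unbacked:", tm.unbacked())
```

In the buggy run the maker is owed 1,000 units of the collateral token while the pool holds only the 500 that belong to other users, so `unbacked()` reports a 500-unit shortfall, and the 1,000 point tokens sit in the pool with no claimant. With the point token address the claim and the inventory line up and the check returns nothing.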

Tools Used

Manual review

Recommendations

Credit the balance under the market place's point token address rather than the maker's collateral token address:

```diff
function settleAskTaker(address _stock, uint256 _settledPoints) external {
__SNIP__
uint256 settledPointTokenAmount = marketPlaceInfo.tokenPerPoint *
_settledPoints;
ITokenManager tokenManager = tadleFactory.getTokenManager();
if (settledPointTokenAmount > 0) {
tokenManager.tillIn(
_msgSender(),
marketPlaceInfo.tokenAddress,
settledPointTokenAmount,
true
);
tokenManager.addTokenBalance(
TokenBalanceType.PointToken,
offerInfo.authority,
- makerInfo.tokenAddress,
+ maketPlaceInfo.tokenAddress,
settledPointTokenAmount
);
}
__SNIP__
}
```

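Review bot: the `+` line misspells the struct variable as `maketPlaceInfo`, which would not compile; the `tillIn` call a few lines above already reads `marketPlaceInfo.tokenAddress`, so the replacement should be `+ marketPlaceInfo.tokenAddress,`. The judge's note below tags `closeBidTaker` with the same wrong-address pattern, so the recommendation should state that the identical correction applies to that function's `addTokenBalance` call as well.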
Updates

Lead Judging Commences

0xnevi Lead Judge 10 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-DeliveryPlace-settleAskTaker-closeBidTaker-wrong-makerinfo-token-address-addToken-balance

Valid high severity. In `settleAskTaker/closeBidTaker`, by assigning collateral token to user balance instead of point token, if collateral token is worth more than point, this can cause stealing of other users' collateral tokens within the CapitalPool contract. If the opposite occurs, user loses funds based on the points they are supposed to receive.
