Tadle

DeFiFoundry

27,750 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

`Takers` of a `Ask` offer are unable to claim compensation from a `Maker` who did not settle.

eeyore

Summary

There is no option for a Taker of an Ask offer to claim compensation from a Maker if the Maker did not settle the Ask offer and the current market status is BidSettling.

The Takers' funds are locked in the system, and the only way to extract them is through direct Owner intervention, which is not guaranteed to occur.

Vulnerability Details

If the Maker did not settle, the only way for the Takers to be refunded and compensated is through an Owner call to the DeliveryPlace.settleAskMaker() function:

File: DeliveryPlace.sol

249: if (status == MarketPlaceStatus.AskSettling) {

250: if (_msgSender() != offerInfo.authority) {

251: revert Errors.Unauthorized();

252: }

253: } else {

254: if (_msgSender() != owner()) { // <== anyone should be able to settle when status == MarketPlaceStatus.BidSettling

255: revert Errors.Unauthorized();

256: }

257: if (_settledPoints > 0) {

258: revert InvalidPoints();

259: }

260: }

This situation is not ideal, as there should be a direct way for a Taker of an Ask offer to settle the trade and receive compensation when the marketplace is in the BidSettling state.

Impact

Denial of Service (DoS) in claiming compensation for the Taker of an Ask offer.

Tools Used

Manual review.

Recommendations

Allow the Taker of an Ask offer to call for the settlement of an unsettled Ask offer if the marketplace is in the BidSettling state.

if (status == MarketPlaceStatus.AskSettling) {

if (_msgSender() != offerInfo.authority) {

revert Errors.Unauthorized();

}

+ } else if (status == MarketPlaceStatus.BidSettling) {

+ if (_settledPoints > 0) {

+ revert InvalidPoints();

+ }

} else {

Updates

Lead Judging Commences

0xnevi Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Design choice

Assigned finding tags:

[invalid] finding-DeliveryPlace-owner-do-not-call-settleAskMaker

Invalid, the makers are incentivized to settle offers to earn maker bonuses when subsequent takers and makers make trade using the original collateral put up for points as well as get back their initial collateral. Additionally, if they do not settle on time, they will lose all their initial collateral, forcing the `owner` to come in and perform the settlement and retrieving that collateral. This is noted as a design decision [here](https://tadle.gitbook.io/tadle/how-tadle-works/features-and-terminologies/settlement-and-collateral-rate) If all else fails, the `owner` can come in to settle as seen [here](https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/DeliveryPlace.sol#L254-L256) and [here](https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/DeliveryPlace.sol#L365-L367) offers to allow closing offers and subsequently allowing refunds. I acknowledge that perhaps a more decentralized

Appeal created

eeyore Submitter

about 1 year ago

0xnevi Lead Judge

about 1 year ago

0xnevi Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Design choice

Assigned finding tags:

[invalid] finding-DeliveryPlace-owner-do-not-call-settleAskMaker

Prize pool breakdown

Total prize

27,750 USDC

nSLOC

1,229

23 USDC / LOC

High Medium

25,000 USDC

Low

2,750 USDC

Judges

2,250 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.