Offer ID Inconsistency in PreMarkets Contract
Summary
The PreMarkets contract's createOffer function generates addresses for offer and stock using one offerId, but then increments this ID before mapping and emitting offer information. This mismatch creates a severe inconsistency between the addresses generated and the offer data stored on-chain, potentially leading to numerous issues including data corruption, fund misallocation, and system-wide integrity compromise.
Vulnerability Details
Addresses are generated with one offerId, but the offer is mapped and emitted with a different (incremented) offerId.
Impact
Incorrect linking between addresses and offer data.
Tools Used
Manual Review
Recommendations
ReStructure the createFunction
Lead Judging Commences
finding-PreMarkets-createOffer-offerId-increment-after
I believe this is valid low severity, although there is inconsistency here when using the correct `offerId` for assigning offerIds and generating the unique addresses as seen [here](https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/PreMarkets.sol#L67-L69), this is purely an accounting error for offerIds. If we generate the offerId using current `offerId - 1`, the appropriate listing/taker orders can still be created against those offers.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.