Dria

Swan
NFT, Hardhat
21,000 USDC
Submission Details
Severity: medium
Valid

Buyer Agent Will Lose Fees In Some Situations

Summary

In the BuyerAgent::oraclePurchaseRequest and BuyerAgent::oracleStateRequest functions, requests are created and sent to an oracle. However, if these requests are initiated towards the end of a phase, they are likely to remain unfulfilled due to the limited remaining time, resulting in a loss of any fees paid by the buyer.

Vulnerability Details

Consider this scenario:

  1. A buyer initiates a purchase request during the Buy phase, but only 10 seconds remain in the phase.

  2. Given the short time, the request will likely not be processed in time, causing it to go unfulfilled.

  3. As a result, the buyer loses the fees paid to the oracle.

Impact

This vulnerability could lead to frequent loss of buyer fees when requests are made near the end of a phase. This could deter users from engaging with the protocol and result in decreased trust, as they may incur unexpected losses due to unfulfilled requests.

Tools Used

Manual Review

Recommendations

Restrict late requests: prevent requests from being created if more than 50% of the current phase time has elapsed. This will reduce the likelihood of unfulfilled requests and prevent unnecessary fees from being charged. Another approach is to set a minTime: if the time left in the current phase is less than this minTime, the request should revert.
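
The minTime variant of this recommendation, as an added sketch that is not the Swan/BuyerAgent source: the contract name, the phase layout (Sell, Buy, Withdraw on a fixed repeating cycle), the function names, errors and event are all assumptions made for illustration. The guard runs before any fee would be transferred, so a late request reverts instead of paying for work that cannot finish in time.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustration only. Every identifier here is hypothetical, not the audited code.
contract PhaseGuardedRequester {
    enum Phase { Sell, Buy, Withdraw } // assumed phase layout

    error WrongPhase(Phase have, Phase want);
    error TooLateInPhase(Phase phase, uint256 timeLeft, uint256 required);
    event RequestCreated(Phase phase, uint256 timeLeft);

    uint256 public immutable createdAt;
    uint256 public immutable minTime;   // assumed lower bound on oracle turnaround, seconds
    uint256[3] public phaseDuration;    // seconds per phase, indexed by Phase

    constructor(uint256 sell, uint256 buy, uint256 withdraw, uint256 minTime_) {
        require(sell > 0 && buy > 0 && withdraw > 0, "zero-length phase");
        // A minTime longer than the Buy phase would make every request revert.
        require(minTime_ <= buy, "minTime exceeds Buy phase");
        createdAt = block.timestamp;
        minTime = minTime_;
        phaseDuration = [sell, buy, withdraw];
    }

    /// Current phase and the seconds remaining in it.
    function phaseAndTimeLeft() public view returns (Phase phase, uint256 timeLeft) {
        uint256 cycle = phaseDuration[0] + phaseDuration[1] + phaseDuration[2];
        uint256 t = (block.timestamp - createdAt) % cycle;
        for (uint256 i = 0; i < 3; i++) {
            if (t < phaseDuration[i]) return (Phase(i), phaseDuration[i] - t);
            t -= phaseDuration[i];
        }
        revert(); // unreachable because t < cycle
    }

    /// Reverts unless we are in `want` with at least minTime seconds left.
    modifier withTimeLeft(Phase want) {
        (Phase phase, uint256 timeLeft) = phaseAndTimeLeft();
        if (phase != want) revert WrongPhase(phase, want);
        if (timeLeft < minTime) revert TooLateInPhase(phase, timeLeft, minTime);
        _;
    }

    /// Stand-in for a fee-paying oracle request made during the Buy phase.
    function purchaseRequest() external withTimeLeft(Phase.Buy) {
        (Phase phase, uint256 timeLeft) = phaseAndTimeLeft();
        // The fee transfer and the oracle call would go here, after the guard.
        emit RequestCreated(phase, timeLeft);
    }
}
```

With 10 seconds left in the Buy phase and a minTime of, say, 60, purchaseRequest reverts with TooLateInPhase and no fee is spent. The check narrows the window for unfulfilled requests but does not guarantee fulfilment, so minTime should be sized from observed oracle response times.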

Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Validated
Assigned finding tags:

There is no guarantee that the task will be completed and buyerAgent will get a response to its purchaseRequest before the round ends, but that was already paid for.
