Buyer can cause a Denial Of Service attack on Sellers if they don't keep sufficient funds during purchase
Summary
Sellers that list assets to be sold during the SELL phase only have to pay royalty fee to get in with no guarantee that at PURCHASE phase, the buyers will actually hold enough token to pay the seller. A malicious buyer may intentionally do this just to drain money in royalty fee from sellers.
Description
In the Swan::purchase(asset) function at the end we see the following line:
This can revert the whole BuyerAgent::purchase() operation.
Impact
Denial of service for sellers because the required buyer didn't keep sufficient funds. They do all the hardowrk but don't get paid.
Tools Used
Manual Analysis
Recommended Mitigations
One way I can think of is to make the buyer stake some amount so that if they don't end up purchasing, they lose the money that can pay back royalties collected from all the sellers. (If you want to be worthy of a seller's service, buyer must stake royalty yourself. If you do make a purchase, then you should get back your royalty unlike the sellers) This can be used to further fund the dria platform and increase accountability on both sides.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.