Pieces Protocol

First Flight #32
Beginner Friendly, Foundry, Solidity, NFT
100 EXP
Submission Details
Severity: high
Valid

Lack of order cancellation functionality creates risk of permanent token lockup

Summary

The contract does not provide a mechanism for users to cancel sell orders, leading to the potential for permanent token lock.

Vulnerability Details

The sellErc20 function allows users to create sell orders, but there is no way to cancel them. If market conditions change, a user needs immediate access to their tokens, or a user makes a mistake in the price or amount, they cannot cancel the order and regain access to their tokens. In these scenarios users can permanently lose access to their tokens.

Impact

Permanent token lock can occur in various scenarios, such as market price changes, emergency situations, lack of buyers, or user errors in price or amount. This can lead to users losing access to their tokens, causing financial loss and dissatisfaction.

Tools Used

Solidity, Foundry.

Recommendations

Add a cancelOrder function that allows users to cancel their sell orders if needed. This will prevent permanent token lock and provide more flexibility in trading conditions.
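
A sketch of the recommended fix, added here as an example and not taken from the submission or from the Pieces Protocol code. Only the names sellErc20 and cancelOrder come from the report; the contract name, storage layout, signatures, events, and the assumption that sellErc20 escrows tokens in the contract are illustrative.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; not the Pieces Protocol contract. Storage layout, struct
// fields, signatures and event names are assumptions. Only the names sellErc20
// and cancelOrder come from the report.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract EscrowOrderBook {
    struct Order {
        address seller;
        address token;
        uint256 amount; // tokens held in escrow by this contract
        uint256 price;  // asking price in wei for the whole lot
        bool open;
    }

    Order[] public orders;

    event OrderCreated(uint256 indexed orderId, address indexed seller);
    event OrderCancelled(uint256 indexed orderId, address indexed seller);

    // Assumed behaviour: listing moves the seller's tokens into the contract,
    // which is why an exit path is needed.
    function sellErc20(address token, uint256 amount, uint256 price) external returns (uint256 orderId) {
        require(amount > 0 && price > 0, "bad order");
        orderId = orders.length;
        orders.push(Order(msg.sender, token, amount, price, true));
        require(IERC20(token).transferFrom(msg.sender, address(this), amount), "escrow failed");
        emit OrderCreated(orderId, msg.sender);
    }

    // Only the seller can cancel, and only while the order is still open.
    function cancelOrder(uint256 orderId) external {
        Order storage order = orders[orderId];
        require(order.seller == msg.sender, "not seller");
        require(order.open, "order closed");
        // Effects before interaction: close the order and zero the escrowed
        // amount first, so a re-entrant or repeated call cannot refund twice.
        uint256 refund = order.amount;
        order.open = false;
        order.amount = 0;
        require(IERC20(order.token).transfer(msg.sender, refund), "refund failed");
        emit OrderCancelled(orderId, msg.sender);
    }
}
```

Tokens that return no value from transfer would revert against this interface; a safe-transfer wrapper such as OpenZeppelin's SafeERC20 handles them.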

Updates

Lead Judging Commences

fishy Lead Judge 5 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Sell orders can't be canceled
