Core Contracts

Regnum Aurum Acquisition Corp

HardhatReal World AssetsNFT

77,280 USDC

View results

Previous Next

Submission Details

Severity: medium

Valid

Lack of L2 sequencer check can cause Zeno bond issuers to get less funds than what they anticipated

minusone

Summary

Lack of L2 sequencer check can cause Zeno bond issuers to get less funds than what they anticiapted

Vulnerability Details

In the Auction contract, the following buy function allows a user to purchse Zeno bonds in exchange for USDC tokens during a Dutch auction, where the price decreases over time

/**

Bid on the ZENO auction

User will able to buy ZENO tokens in exchange for USDC

function buy(uint256 amount) external whenActive {

require(amount <= state.totalRemaining, "Not enough ZENO remaining");

uint256 price = getPrice();

uint256 cost = price * amount;

require(usdc.transferFrom(msg.sender, businessAddress, cost), "Transfer failed");

bidAmounts[msg.sender] += amount;

state.totalRemaining -= amount;

state.lastBidTime = block.timestamp;

state.lastBidder = msg.sender;

zeno.mint(msg.sender, amount);

emit ZENOPurchased(msg.sender, amount, price);

}

However, as per the readme, this contract is supposed to be compatible with all EVM blockchains.

This presents an issue where if this contract is deployed on an L2 chain, the lack of a sequencer upcheck can cause Zeno issuers to lose funds if the sequencer is down for a significant amount of time. When an L2 sequencer is down, transactions simply do not get processed.

https://cryptonary.com/the-arbitrum-network-had-an-outage-over-the-weekend/

This can result in potentially disasterous siutations for the issuer. For example, a user could attempt to purchase a bond for 1000 usdc, but due to a sequencer being down for significant amount of time e.g. 30 mins, the transaction doesn't get processed until the sequencer is back online, which at that point, the price of the bond would have dropped from the original price of 1000 usdc, causing the issuer to lose funds

Impact

Loss of funds for the Zeno issuer

Tools Used

Manual Review

Recommendations

Add a check for an active sequencer (e.g. Chainlink's L2 Sequencer Feeds) and consider using block.number for the auction's duration instead of block.timestamp

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago

Submission Judgement Published

Validated

Assigned finding tags:

Protocol lacks L2 sequencer status checks, allowing transactions to execute at a lower price after downtime in Dutch auctions, or consuming stale prices

inallhonesty Lead Judge 7 months ago

Submission Judgement Published

Validated

Assigned finding tags:

Protocol lacks L2 sequencer status checks, allowing transactions to execute at a lower price after downtime in Dutch auctions, or consuming stale prices

Prize pool breakdown

Total prize

77,280 USDC

nSLOC

3,864

20 USDC / LOC

High Medium

74,000

Low

3,280

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!