Precision loss in `Auction.sol` while calculating the price.
Summary
The Auction::getPrice() function suffers from precision loss due to the use of 6-decimal values for startingPrice and reservePrice. As a result, price calculations may round down to zero in certain cases, leading to incorrect auction pricing behavior.
Vulnerability Details
The getPrice() function determines the auction price over time using linear interpolation:
Issue:
startingPriceandreservePriceare defined with 6 decimals (e.g.,10e6and5e6for USDC-like tokens).The division
(block.timestamp - state.startTime) / (state.endTime - state.startTime)results in a fraction that, when multiplied withstartingPrice - reservePrice, often rounds down to zero.
Example Calculation:
Assume the following values:
state.startTime = 234state.endTime = 1,037,034(234 + 12 days)state.startingPrice = 10e6state.reservePrice = 5e6block.timestamp = 236
The price calculation:
Since (5e6 * 2) / 1036800 rounds to 0, the price remains 10e6, causing no effective price drop in early timestamps.
This issue persists throughout the auction, preventing proper price adjustments and potentially leading to unfair purchases at incorrect prices.
Impact
Auction price does not update correctly due to rounding errors.
Tools Used
Manual code review
Solidity debugging
Hardhat/Foundry tests
Recommendations
Increase precision by using higher decimal values (e.g., 18 decimals) for
startingPriceandreservePriceto reduce rounding errors.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.