Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

Incorrect Start Time Validation in Auction Contract

olugbenga

Summary

The auction contract's whenActive modifier uses a strict greater than comparison instead of greater than or equal to for the start time validation, causing the first valid timestamp to be skipped and creating a delay in the auction start.

Vulnerability Details

whenActive modifier allows a user to buy zeno token only when the auction is active.

modifier whenActive() {
require(block.timestamp > state.startTime, "Auction not started");
require(block.timestamp < state.endTime, "Auction ended");
_;
}

The issue arises because:

  1. When block.timestamp equals state.startTime, the auction should be active but the current implementation requires block.timestamp to be strictly greater than state.startTime

  2. This creates a one-second gap where the auction should be active but it's not

  3. The first valid timestamp is skipped

Impact

  • delay in auction start time

  • Inconsistency with expected behavior

Tools Used

Manual

Recommendations

  • Modify the whenActive modifier to use greater than or equal to:

    modifier whenActive() {
    require(block.timestamp >= state.startTime, "Auction not started");
    require(block.timestamp < state.endTime, "Auction ended");
    _;
    }
Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!