BidBeastsNFTMarketPlace::placeBid missed auction duration causing the auction to end sooner

Description

The placeBid function also handles the management of the NFT auction timeframe. Based on the documentation, users expect that once an NFT is listed and the first bid arrives, the auction will proceed for precisely 3 days. After those 3 days, it should conclude automatically, with the winner selected based on the highest bid—without any alterations to the duration or extensions, except in cases where a new bid is placed less than 15 minutes before the scheduled end.

The README specifies “Auction deadline of exactly 3 days”. However, the contract implementation sets the auction duration to 15 minutes after the first bid and applies rolling extensions on subsequent bids. This behavior is inconsistent with the documentation and may cause confusion or disputes between users and the platform.

Risk

Likelihood: High

• Reason 1: Since the auction logic kicks in with every bid, discrepancies in behavior are bound to surface as soon as users read the README and assume a fixed 3-day auction period.

• Reason 2: With the auction duration incorrectly set to 15 minutes instead of 3 days, this issue will affect every listing—it's not just some rare edge case.

Impact: Medium

• Impact 1: The mismatch between user expectations (a guaranteed 3-day wrap-up) and the actual implementation (which could end sooner or keep extending) might lead bidders to make poor decisions.

• Impact 2: Even though it doesn't directly cause financial losses (funds still go to the winner or seller), it could spark disputes, damage the platform's reputation, and introduce potential legal or branding risks.

Proof of Concept

This Foundry test demonstrates sets the auction duration to 15 minutes after the first bid.

Recommended Mitigation

Set the auction duration to 3 days after the first bid.