Root + Impact

Description

• Normal behavior: In typical auctions, minPrice is the minimum acceptable bid. The first bid should succeed if it is equal to or greater than minPrice.

• Issue: The implementation enforces that the first bid must be strictly greater than minPrice. This causes valid bids equal to minPrice to revert, reducing fairness and usability.

Risk

Likelihood:

• This issue will occur whenever the first bidder submits a bid equal to the seller’s defined minPrice.

• Given that minPrice is advertised in the listing, it is very likely bidders will attempt to submit that exact amount.

Impact:

• Failed participation: First bidders attempting minPrice will be reverted, potentially discouraging them from retrying.

• Reduced activity: Auctions may stall if users assume their minPrice bid should be valid but are instead reverted.

• Lower trust: Sellers may not receive fair market engagement due to fewer successful first bids.

Proof of Concept

Explanation:
The test sets up a valid auction and attempts a first bid exactly at minPrice. Instead of succeeding, the bid reverts, proving that the contract enforces a > condition instead of >=.

Explanation:
The test sets up a valid auction and attempts a first bid exactly at minPrice. Instead of succeeding, the bid reverts, proving that the contract enforces a > condition instead of >=.function testFail_FirstBidAtMinPrice() public {
vm.prank(SELLER);
market.listNFT(TOKEN_ID, MIN_PRICE, 0);

vm.deal(BIDDER, MIN_PRICE);
vm.prank(BIDDER);
// Expected: should succeed as a valid first bid
// Actual: reverts with "First bid must be > min price"
market.placeBid{value: MIN_PRICE}(TOKEN_ID);
}

Recommended Mitigation

Explanation:
The condition should be relaxed to match the intended semantics of minPrice as the lowest acceptable bid. The first bid must be allowed at >= minPrice.

Code fix:

This ensures:

• The seller’s minPrice is respected.

• The first bid cannot be below minPrice.

• User expectations are aligned with standard auction logic.