Auction Deadline Mismatch Between Documentation and Implementation
Root + Impact
Description
Normal behavior: The README specifies auctions have a strict deadline of exactly 3 days from listing. Users should expect auctions to end at that fixed time.
Issue: The implementation dynamically extends auctions when bids are placed near the end (
S_AUCTION_EXTENSION_DURATION). This creates an anti-sniping mechanism, not a fixed-length auction.
Risk
Likelihood:
Occurs whenever bids are placed close to auction end.
Highly likely in active markets where last-minute bidding is common.
Impact:
User confusion: Bidders expecting a 3-day hard deadline may wrongly assume they’ve won.
Unfair play: Wealthy bidders can repeatedly extend auctions, exhausting smaller competitors.
Trust loss: Mismatch between docs and code may create disputes.
Proof of Concept
Explanation:
Instead of ending exactly at 3 days, the auction continues beyond the documented deadline.
Recommended Mitigation
Explanation:
Align implementation with documentation, or update docs to reflect the actual design.
Fix options:
If strict 3-day auctions are intended → remove the extension logic.
If anti-sniping extensions are intended → update documentation to explicitly state auctions may extend when bids are placed near the end.
Lead Judging Commences
BidBeasts Marketplace: Improper Documentation
Documentation for BidBeasts Marketplace is incomplete or inaccurate, potentially leading to misconfigurations or security misunderstandings.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.