Submission Details
Impact:
Likelihood:
AuctionExtended Event May Not Be Emitted
Root + Impact
Description
In placeBid(), if listing.auctionEnd <= block.timestamp, timeLeft = 0. This may cause unexpected behavior where the auction is extended without correctly emitting the AuctionExtended event.
if (listing.auctionEnd > block.timestamp) {
timeLeft = listing.auctionEnd - block.timestamp;
}
if (timeLeft < S_AUCTION_EXTENSION_DURATION) {
listing.auctionEnd = listing.auctionEnd + S_AUCTION_EXTENSION_DURATION;
emit AuctionExtended(tokenId, listing.auctionEnd);
}
Risk
Likelihood:
edge case
Impact:
informational/logging issue
Proof of Concept
function test_auction_extended() public {
vm.prank(OWNER);
nft.mint(SELLER);
// Seller lists valuable NFT
vm.startPrank(SELLER);
nft.approve(address(market), TOKEN_ID);
market.listNFT(TOKEN_ID, MIN_PRICE, 0);
vm.stopPrank();
vm.warp(block.timestamp + 15 minutes);
// Griefer places minimum bid (minPrice + 1 wei)
vm.prank(BIDDER_1);
market.placeBid{value: 2 ether}(TOKEN_ID);
}
Recommended Mitigation
Add a condition to avoid extending auctions after expiry, or clarify logic with comments.
Rewards breakdown
nSLOC
170This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.