Platform: Code4rena
Start Date: 13/12/2023
Pot Size: $36,500 USDC
Total HM: 18
Participants: 110
Period: 8 days
Judge: 0xTheC0der
Id: 311
League: ETH
Rank: 83/110
Findings: 1
Award: $21.24
🌟 Selected for report: 0
🚀 Solo Findings: 0
21.242 USDC - $21.24
The `AuctionHouse::settleCurrentAndCreateNewAuction` function is used to first settle the current auction and then create a new one, and it can be called by anyone. Let's take a look at `_settleAuction()`. Here we send the highest bidder the `VerbToken`, pay the creators (ETH and ERC20) and pay the owner. The max amount of creators an art piece can have is 100. If a malicious user adds an art piece with 100 creators (smart contracts with unbounded loops) that will consume all the gas when receiving ETH, and his art piece wins, the following check in `_createAuction`:
`require(gasleft() >= MIN_TOKEN_MINT_GAS_THRESHOLD, "Insufficient gas for creating auction");`
might fail. If somehow this doesn't fail, the user that called `settleCurrentAndCreateNewAuction` will end up paying a lot of gas, which may lead to less trust in the contract.
Manual Review
Use the pull-over-push pattern when sending the rewards to the creators (ETH and ERC20).
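As an added illustration of the mitigation (hypothetical, simplified code; not Revolution Protocol's AuctionHouse and covering only the ETH leg, not ERC20), the push loop the report warns about is shown next to a pull-based payout where settlement only records what each creator is owed:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical payout contract used to contrast push vs. pull creator payments.
contract CreatorPayouts {
    struct Creator { address account; uint256 bps; } // share in basis points
    uint256 public constant MAX_CREATORS = 100;      // limit stated in the report

    mapping(address => uint256) public pendingEth;   // owed, not yet withdrawn
    bool private locked;                              // reentrancy guard for withdraw()

    /// Push pattern: every iteration forwards gas to an untrusted recipient. A
    /// creator contract whose receive() loops can burn up to 63/64 of the remaining
    /// gas (EIP-150) per call, so 100 of them make settlement extremely expensive
    /// and can leave too little gas for the checks that follow settlement.
    function _payCreatorsPush(Creator[] memory creators, uint256 total) internal {
        require(creators.length <= MAX_CREATORS, "too many creators");
        for (uint256 i = 0; i < creators.length; i++) {
            uint256 amount = (total * creators[i].bps) / 10_000;
            (bool ok, ) = creators[i].account.call{value: amount}("");
            require(ok, "creator payment failed"); // one bad creator blocks everyone
        }
    }

    /// Pull pattern: settlement does no external calls, so its gas cost is a small,
    /// predictable amount per creator regardless of what the recipient's code does.
    function _payCreatorsPull(Creator[] memory creators, uint256 total) internal {
        require(creators.length <= MAX_CREATORS, "too many creators");
        for (uint256 i = 0; i < creators.length; i++) {
            uint256 amount = (total * creators[i].bps) / 10_000;
            pendingEth[creators[i].account] += amount;
        }
    }

    /// Example entry point: credit the creators from the ETH sent with the call.
    function settle(Creator[] calldata creators) external payable {
        _payCreatorsPull(creators, msg.value);
    }

    /// Each creator withdraws on their own; a misbehaving receiver only hurts itself.
    function withdraw() external {
        require(!locked, "reentrant");
        locked = true;
        uint256 amount = pendingEth[msg.sender];
        require(amount > 0, "nothing to withdraw");
        pendingEth[msg.sender] = 0;                   // effects before interaction
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "withdraw failed");
        locked = false;
    }
}
```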
DoS
#0 - c4-pre-sort
2023-12-22T17:25:50Z
raymondfam marked the issue as sufficient quality report
#1 - c4-pre-sort
2023-12-22T17:26:01Z
raymondfam marked the issue as duplicate of #93
#2 - c4-pre-sort
2023-12-24T14:35:59Z
raymondfam marked the issue as duplicate of #195
#3 - MarioPoneder
2024-01-06T13:24:00Z
See comment on primary issue: https://github.com/code-423n4/2023-12-revolutionprotocol-findings/issues/195#issuecomment-1879684718
#4 - c4-judge
2024-01-06T13:24:04Z
MarioPoneder marked the issue as partial-25
#5 - c4-judge
2024-01-11T18:25:54Z
MarioPoneder marked the issue as not a duplicate
#6 - c4-judge
2024-01-11T18:42:28Z
MarioPoneder marked the issue as duplicate of #93
#7 - c4-judge
2024-01-11T18:42:34Z
MarioPoneder marked the issue as partial-50