code423n4 / Code4rena: CODE423N4:2023-12-REVOLUTIONPROTOCOL-FINDINGS-ISSUES-575
Dec 21, 2023 - 12:00 a.m.

Incomplete Creator Rewards in Auction Settlement

2023-12-21 00:00:00
Code4rena
github.com

AI Score

7.1

Confidence

Low

Lines of code

Vulnerability details

Summary

During the settlement of auctions in the AuctionHouse, the proceeds meant for creators are not accurately distributed, leading to potential loss of funds for the creators.

Vulnerability Details

When an auction is settled (AuctionHouse::_settleAuction), the auction proceeds (_auction.amount) are meant to be shared between the auction owner and the creators (creatorsShare). However, because Solidity integer division rounds down, a residual amount may be left over after the funds are sent to the creators. This remaining balance is then used to buy tokens for the creators through erc20TokenEmitter.buyToken(), and that purchase is taxed to reward the protocol.

This process can result in an incomplete distribution of funds to creators, leading to potential financial loss for them. Additionally, the tax mechanism may further impact the overall amount reaching the creators.

// Relevant excerpt from _settleAuction() in AuctionHouse.sol
uint256 creatorsShare = _auction.amount - auctioneerPayment;
// ... (other logic)
if (creatorsShare > ethPaidToCreators) {
    creatorTokensEmitted = erc20TokenEmitter.buyToken{ value: creatorsShare - ethPaidToCreators }(
        vrgdaReceivers,
        vrgdaSplits,
        IERC20TokenEmitter.ProtocolRewardAddresses({
            builder: address(0),
            purchaseReferral: address(0),
            deployer: deployer
        })
    );
}
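The residual described above can be quantified with a small integer-arithmetic model. This is an added example, not code from the finding or from the protocol: it assumes creators are paid by basis-point splits with floor division, and the function names and the tax rate passed to `residual_after_tax` are hypothetical.

```python
# Added model, not the protocol's code. Python's // on non-negative ints
# floors exactly like Solidity's uint256 division.
BPS = 10_000  # assumption: creator splits are expressed in basis points


def split_creators_share(creators_share, creator_bps):
    """Pay each creator creators_share * bps / 10000, rounded down.

    Returns (payouts, eth_paid_to_creators, residual), where residual is the
    value that would be forwarded to buyToken() in the excerpt above.
    """
    if creators_share < 0 or any(b < 0 for b in creator_bps):
        raise ValueError("amounts and splits must be non-negative")
    if sum(creator_bps) != BPS:
        raise ValueError("creator splits must sum to 10000 bps")
    payouts = [creators_share * bps // BPS for bps in creator_bps]
    eth_paid = sum(payouts)
    residual = creators_share - eth_paid
    # Conservation check: nothing is created or lost by the split itself.
    assert eth_paid + residual == creators_share
    # Each floor drops less than 1 wei, so the dust is at most n - 1 wei.
    assert 0 <= residual <= max(len(creator_bps) - 1, 0)
    return payouts, eth_paid, residual


def residual_after_tax(residual, tax_bps):
    """Split a residual into (amount left for the purchase, tax).

    tax_bps is a hypothetical rate; the finding does not state the real one.
    """
    if not 0 <= tax_bps <= BPS:
        raise ValueError("tax_bps must be within 0..10000")
    tax = residual * tax_bps // BPS
    return residual - tax, tax


if __name__ == "__main__":
    # Constructed sample: 1 ETH + 7 wei split 33.33% / 33.33% / 33.34%.
    payouts, paid, dust = split_creators_share(10**18 + 7, [3333, 3333, 3334])
    print("payouts:", payouts)
    print("ethPaidToCreators:", paid, "residual sent to buyToken():", dust)
    print("after hypothetical 2.5% tax:", residual_after_tax(dust, 250))
```

The two internal assertions are the invariants worth carrying into a test suite for the settlement path: the split conserves value, and the rounding dust is bounded by the number of creators.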

Impact

This issue deprives the piece creators of their rightful rewards, potentially resulting in a loss for them. It also gives competitors an opening to offer creators a more transparent and fairer deal than the protocol does.

Tools Used

Manual review

Recommended Mitigation Steps

Add logic to ERC20TokenEmitter::buyToken() that accounts for the creators' share of the tax when it is called from AuctionHouse::_settleAuction(). This can be achieved by adding a check on whether the caller of ERC20TokenEmitter::buyToken() is the AuctionHouse and adjusting the logic accordingly.

Assessed type

Decimal

