2 matches found
AuctionDemo::claimAuction() - L105: Logic bug in the conditional statement where the timestamp check should be > instead of >=.
Lines of code Vulnerability details Impact Would enable the winning bidder/bid to be selected WHILE it's still possible to bid higher in the auction. I.e. current comparison logic makes it possible to select auction winner while the auction isnt over yet. there's the risk of the true/valid highes...
Inefficiency in the Dutch Auction due to lower duration
Lines of code Vulnerability details The vulnerability or bug is in the implementation of the function getDutchAuctionStrike The AUCTIONDURATION is defined as 24 hours, and consider that the dutchAuctionReserveStrike or reserveStrike will never be set to 0 by user. Now if a vault is created with...