Lucene search
K

4 matches found

Code423n4
Code423n4
added 2024/01/07 12:0 a.m.9 views

Upgraded Q -> 2 from #643 [1704652543122]

Judge has assessed an item in Issue 643 as 2 risk. The relevant finding follows: L-2 Setting Auction::reservePrice equal to 0 can create a chain of 0 price bids --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/12/21 12:0 a.m.9 views

Bidders can bid at previous auction reserve price by frontrunning the setter transactions

Lines of code Vulnerability details Impact The AuctionHouse.settleCurrentAndCreateNewAuction can frontrun the setter functions such as setCreatorRateBps, setMinCreatorRateBps, setEntropyRateBps, setTimeBuffer, setMinBidIncrementPercentage & setReservePrice. As soon as the current auction ends, an...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/29 12:0 a.m.8 views

Mitigation of M-03: See comments

Lines of code Vulnerability details The PR does not follow the recommended mitigation from the finding, and instead still allows under-priced bids to be added if the total value being added is at least a multiple of the minimum reserve price. Impact If, for example, the reserve price is 10 Eth,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/01/29 12:0 a.m.10 views

User might not be able to claim refund when the NFT is bought for less than the minimum reserve price

Lines of code Vulnerability details Impact User might not be able to claim refund when the NFT is bought for less than the minimum reserve price because the minReservePrices is rounded down, which make the contract refund sightly more eth to each user. In most case, the last user will not be able...

6.9AI score
Exploits0
Rows per page
Query Builder