Omniscia Seen Haus Audit
AuctionBuilderFacet Manual Review Findings
AuctionBuilderFacet Manual Review Findings
ABF-01M: Improper Sanitization of Start Time
| Type | Severity | Location |
|---|---|---|
| Input Sanitization | Major | AuctionBuilderFacet.sol:L110, L115-L117 |
Description:
The logic of the code states that to make sure an auction doesn't exist, the auction.start member is validated to be zero as it is meant to always be non-zero on an actual auction. This is invalid as an auction with a _clock type equal to Trigger and a _start argument equal to 0 would still be considered as "inexistent" until the first bid comes in and thus be frozen in time.
Example:
109// Make sure auction doesn't exist (start would always be non-zero on an actual auction)110require(auction.start == 0, "Auction exists");111
112// Make sure start time isn't in the past if the clock type is not trigger type113// It doesn't matter if the start is in the past if clock type is trigger type114// Because when the first bid comes in, that gets set to the start time anyway115if(_clock != Clock.Trigger) {116 require(_start >= block.timestamp, "Non-trigger clock type requires start time in future");117}118
119// Set up the auction120setAudience(_consignmentId, _audience);121auction.consignmentId = consignment.id;122auction.start = _start;123auction.duration = _duration;124auction.reserve = _reserve;125auction.clock = _clock;126auction.state = State.Pending;127auction.outcome = Outcome.Pending;Recommendation:
We advise an else clause to be introduced to the _start sanitization that ensures the value is simply positive. This will solve all zero-based evaluations of an auction's existence, such as in AuctionRunnerFacet.
Alleviation:
The recommended else clause has been properly introduced to the code.
ABF-02M: Inexistent Sanitization of Auction Duration
| Type | Severity | Location |
|---|---|---|
| Input Sanitization | Minor | AuctionBuilderFacet.sol:L123, L235 |
Description:
The logic of the auction runner contract indicates that an auction is assumed at all times to have a duration over 15 minutes, the value of the extensionWindow.
Example:
119// Set up the auction120setAudience(_consignmentId, _audience);121auction.consignmentId = consignment.id;122auction.start = _start;123auction.duration = _duration;124auction.reserve = _reserve;125auction.clock = _clock;126auction.state = State.Pending;127auction.outcome = Outcome.Pending;Recommendation:
We advise this to be mandated by the codebase itself to ensure proper extension updates as they would not trigger otherwise in case of Clock.Trigger type auctions or the first bid.
Alleviation:
The _duration is now properly mandated to be greater-than-or-equal-to (>=) the 15 minute extension window.