Cuddly Cream Jellyfish
Medium
No limit on auction extension periods for V3 auctions could cause indefinite or very dragged on auction periods depending on configured minBidIncrementPercentage and reservePrice.
During an auction, users bid calling createBid, while a limit on the placed bid amount is enforced with:
require(msg.value >= _reservePrice, 'Must send at least reservePrice');
require(
msg.value >= _auction.amount + ((_auction.amount * _minBidIncrementPercentage) / 100),
'Must send more than last bid by minBidIncrementPercentage amount'
);If the reservePrice and minBidIncrementPercentage is not high enough a user only needs to bid minBidIncrementPercentage more for this to pass. As long as the executed bid is placed within the timeBuffer which is set to a max upper limit of 1 day, there is no limit enforced on how many times the auction end could be shifted:
bool extended = _auction.endTime - block.timestamp < _timeBuffer;
...
if (extended) {
auctionStorage.endTime = _auction.endTime = uint40(block.timestamp + _timeBuffer);
emit AuctionExtended(_auction.nounId, _auction.endTime);
}Auctions have no definite limit on when they would end using time extensions, and depending on the auction amount - if small enough, auctions can be dragged out indefinitely.
This can be resolved using the following tactics together:
- Place a limit on how many times an auction can be time extended.
- Enforce a high enough value for
reservePriceandminBidIncrementPercentageso that tiny amounts cannot be used to postpone auctions. - Use a shorter
timeBufferperiod.