getSettlements function will get invalid results

Summary

The missing check of lastestNounId is large than zero after lastetNounId - 1. And if lastetNounId is 0, actually the function should return a non-empty result. While this function will return a meaningless result.

Root Cause

https://github.com/sherlock-audit/2024-11-nounsdao/blob/main/nouns-monorepo/packages/nouns-contracts/contracts/NounsAuctionHouseV3.sol#L430-L469

If we only created 1 auction and not settled it. The latestNounId -= 1, and it will be zero. And the settlementHistory is empty. And the function will return a meaningless result.

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

No response

PoC

No response

Mitigation

No response

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

039.md

039.md

getSettlements function will get invalid results

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation

Files

039.md

Latest commit

History

039.md

File metadata and controls

getSettlements function will get invalid results

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation