Skip to content

Latest commit

 

History

History
61 lines (39 loc) · 1.69 KB

082.md

File metadata and controls

61 lines (39 loc) · 1.69 KB

Striped Fiery Lark

High

1 out of 10 auction will revert

Summary

When minting NFTs, every 1 out of 10 NFTs up to ID 1820 will be a special Nounder NFT. Currently we are on 1332, which can be checked using their site.

https://github.com/sherlock-audit/2024-11-nounsdao/blob/main/nouns-monorepo/packages/nouns-contracts/contracts/NounsToken.sol#L149-L154

    function mint() public override onlyMinter returns (uint256) {
        if (_currentNounId <= 1820 && _currentNounId % 10 == 0) {
            _mintTo(noundersDAO, _currentNounId++);
        }
        // minter refers to auction house
        return _mintTo(minter, _currentNounId++);
    }

The issue that occurs here is that NounsAuctionHouseV3 makes auctions for every NFT, and upon settling those auctions it tries to transfer the NFT away to the winner.

https://github.com/sherlock-audit/2024-11-nounsdao/blob/main/nouns-monorepo/packages/nouns-contracts/contracts/NounsAuctionHouseV3.sol#L346-L350

        if (_auction.bidder == address(0)) {
            nouns.burn(_auction.nounId);
        } else {
            nouns.transferFrom(address(this), _auction.bidder, _auction.nounId);
        }

However 1 out 10 NFTs will not be minted into the auction house and when it tries to settle the auction the function would revert causing the contract to be bricked, or the least temporary DOS.

Root Cause

Not handling the special NFTs

Internal pre-conditions

none

External pre-conditions

none

Attack Path

none

Impact

Contract cannot make any more auctions as _settleAuction reverts every time.

PoC

No response

Mitigation

Consider skipping auctions for these NFTs