Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Bond Protocol>Discussion>Double-counted auctioneer
GeneralOverview
Findings
Medium (2)
Low (1)
Informational (3)
DiscussionRedundant safeTransfer callAssure token is activeRemove unchecked blockDouble-counted auctioneer
Threat ModelsWhat are threat models?BondAggregator.solBondBaseCallback.solBondBaseSDA.solBondBaseTeller.solBondFixedExpirySDA.solBondFixedExpiryTeller.solBondFixedTermSDA.solBondFixedTermTeller.sol
Audit ResultsResults

Double-counted auctioneer

The registerAuctioneer function allows to register a previously registered auctioneer. We recommend adding a check as shown below:

function registerAuctioneer(IBondAuctioneer auctioneer_) external requiresAuth {
    require(_whitelist[address(auctioneer_)] == false, "already registered");
    auctioneers.push(auctioneer_);
    _whitelist[address(auctioneer_)] = true;
}

Remediation

Bond Labs acknowledged this finding and implemented a fix in commit 35687b13.

Zellic © 2024Back to top ↑