Nutty Cobalt Badger
High
The endAuction() function of the Auction smart contract uses an incorrect divisor (precision) in the calculation for determining whether the pool sale limit is reached. This results in a significantly lower threshold, leading to unintended state transitions and potentially incorrect auction outcomes.
The endAuction() function contains a condition that determines the state of the pool and whether the sale limit has been reached. However, the calculation in the condition is incorrect.
The poolSaleLimit value is set as a scaled percentage in initialize() function (e.g., 95000 represents 95% according to NatSpec docs), but the calculation divides by 100 instead of 100000 (100%). This results in a significantly lower threshold, leading to unintended state transitions and potentially incorrect auction outcomes.
else if (totalSellReserveAmount >= (IERC20(sellReserveToken).balanceOf(pool) * poolSaleLimit) / 100) { state = State.FAILED_POOL_SALE_LIMIT; }
- Set
poolSaleLimitto 95000 (95%). - Initiate an auction with sufficient bids to approach the pool sale limit.
- Observe premature state transitions when the actual pool sale limit is not reached due to incorrect scaling.
No response
No response
Incorrect calculation leads to incorrect operation of the auction and changes in its status.
No response
Update the divisor from 100 to 100000 to correctly account for the scaling of poolSaleLimit.