Abundant Alabaster Toad
Medium
Auction tick per block can be zero during init. This will later cause zero division error when user call editFloorPrice().
This will only happen if user set init price equal to floor price.
- Possible Division by zero value here: https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/auctions/Auction.sol#L206-L207
tickPerBlockcreated during init: https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/auctions/Auction.sol#L93tickPerBlock == 0whencuredInitAmount == curedFloorAmount. Aka, user set init price same floor price. Duration must be non-zero value.- Auction Factory allow user to init price same as floor price and set duration be anything. https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/auctions/AuctionFactory.sol#L80-L90
Here is an sample auction parameters from user
- Init price = 100e18
- Floor price = 100e18
- duration = 1 days
- User create auction with above parameters.
- Then change floor price after sometimes due to stale auction.
- Because original tickPerBlock is zero, when edit floor price later it will revert with division by zero.
User allowed to set floor price same as init price but cannot edit floor price later, despite duration exist.
Require user to cancel auction and recreate new auction. Cost user time and gas.
Same as attack path
Throw error when tick speed is zero when edit floor price, to prevent user from changing tick speed later.