Vulnerability to front-running attacks in the submitBid function

Summary

The lack of a commitment scheme in the submitBid function could allow an attacker to front-run a bid by submitting a higher bid just before the target bid is accepted.

Vulnerability Detail

In the TellerV2Context.sol contract, the submitBid function is vulnerable to front-running attacks due to the absence of a commitment scheme. An attacker could potentially front-run a bid by submitting a higher bid just before the target bid is accepted, compromising the fairness of the auction process.

Impact

Potential front-running attacks, compromising the fairness of the auction process.

Code Snippet

https://github.com/sherlock-audit/2023-03-teller/blob/main/teller-protocol-v2/packages/contracts/contracts/TellerV2.sol#L272

https://github.com/sherlock-audit/2023-03-teller/blob/main/teller-protocol-v2/packages/contracts/contracts/TellerV2.sol#L303

Tool used

Manual Review

Recommendation

Implement a commitment scheme for the submitBid function to prevent front-running attacks and ensure the fairness of the auction process.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

047.md

047.md

Vulnerability to front-running attacks in the submitBid function

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Files

047.md

Latest commit

History

047.md

File metadata and controls

Vulnerability to front-running attacks in the submitBid function

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation