Perfect Yellow Fox
High
Vulnerability Details The auction contract's bid refund mechanism fails when a bidder's address (contract) cannot receive ETH or WETH, potentially trapping previous bid funds and disrupting auction functionality.
NounAuctionHouseV3::createBid and NounAuctionHouseV2::createBid
Impact A malicious actor could create a contract that prevents bid refunds, effectively blocking future auction participation and locking user funds.
Proof of Concept
- Create a contract that cannot receive ETH or WETH
- Place a bid in the auction
- Subsequent higher bids will fail to refund the previous bid
- Auction becomes functionally blocked
Recommended Mitigation
- Implement a pull-based withdrawal pattern
- Add explicit checks for contract fund receiveability