Sparkn

CodeFox Inc.

DeFiFoundryProxy

15,000 USDC

View results

Previous Next

Submission Details

Severity: high

No supporter is able to find a solution to a problem

bbash

Summary

No supporter is able to find a solution to a problem.

Vulnerability Details

If a contest is created and funded, there is no way to refund. Therefore, it becomes necessary for at least one supporter to find a solution to a problem for the proper functioning of the protocol. If none of the supporters is able to find a solution, the sponsor funds will be locked as there will be no winner. This can happen if:

There is an exceptionally tough-to-solve problem or,
there is a problem that is not solvable or,
there is a problem that will take a lot of time to be solved ( more than the MAX_CONTEST_PERIOD ).

Impact

This leads to loss of sponsor funds as the funds will be locked forever.

Tools Used

Manual review and VS Code

Recommendations

1, A mapping of sponsors and their funding can be maintained and there can be a withdraw function for the sponsors to withdraw their funding if there is no solution even after the MAX_CONTEST_PERIOD.

2, A withdraw function can be made available for the owner that can be called after the MAX_CONTEST_PERIOD and because the owner is a trusted role, the owner can use this fund for sponsoring some other contest.

Prize pool breakdown

Total prize

15,000 USDC

nSLOC

194

77 USDC / LOC

High Medium

14,000 USDC

Low

1,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.