DittoETH

Ditto
DeFi, Foundry, Oracle
55,000 USDC
Submission Details
Severity: low
Valid

Lack of Duplicate ID Check in combineShorts Function

Summary

Lack of Duplicate ID Check in combineShorts Function.

Vulnerability Details

The contract does not validate if the provided IDs array in the combineShorts function contains unique IDs.

Impact

The impact of not checking for duplicate IDs in the combineShorts function could potentially be significant. If duplicate IDs are provided, the same short record could be processed multiple times, leading to incorrect calculations and potentially causing the state of the contract to be updated incorrectly. This could lead to loss of funds or other unexpected behavior.

Tools Used

Manual

Recommendations

To resolve this issue, you should add a check to ensure that the IDs provided in the array are unique. This can be done by using a mapping to track the IDs that have already been processed. If an ID is found more than once, the function should revert. Here is a sample code snippet:

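```solidity
// State variable: a mapping cannot be declared as a local inside a function.
mapping(uint8 => bool) processedIDs;

// Inside combineShorts: the loop stops before index 0, so mark ids[0] first.
processedIDs[ids[0]] = true;
for (uint256 i = ids.length - 1; i > 0; i--) {
    uint8 _id = ids[i];
    require(!processedIDs[_id], "Duplicate ID found");
    processedIDs[_id] = true;
    // rest of the code
}
// Reset the flags so they do not persist into the next call.
for (uint256 i = 0; i < ids.length; i++) delete processedIDs[ids[i]];
```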

This will ensure that each ID is only processed once, preventing potential issues caused by duplicate IDs.
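An alternative to the mapping suggested above, as an added example that is not part of the original submission or the DittoETH code base: because the IDs are `uint8`, a single `uint256` can serve as an in-memory bitmap, so no flags are left in storage between calls. The names `UniqueIds`, `DuplicateId`, `requireUnique` and `CombineShortsSketch` are hypothetical, and treating `ids[0]` as the record the others merge into is an assumption inferred from the loop bounds in the snippet.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Added example. All names here are hypothetical, not DittoETH identifiers.
library UniqueIds {
    error DuplicateId(uint8 id);

    /// Reverts if `ids` contains the same value twice.
    /// A uint8 has 256 possible values, so one uint256 works as a bitmap:
    /// bit n is set once id n has been seen. Nothing is written to storage,
    /// so no state survives the call and no cleanup is required.
    function requireUnique(uint8[] memory ids) internal pure {
        uint256 seen;
        for (uint256 i = 0; i < ids.length; i++) {
            uint256 bit = uint256(1) << ids[i];
            if ((seen & bit) != 0) revert DuplicateId(ids[i]);
            seen |= bit;
        }
    }
}

// Constructed stand-in for a combineShorts-style function.
contract CombineShortsSketch {
    event Combined(uint8 target, uint8 merged);

    function combine(uint8[] memory ids) external {
        require(ids.length >= 2, "Need at least two IDs");

        // Check the whole array up front, including ids[0], which the
        // merge loop below never visits (assumption: ids[0] is the target).
        UniqueIds.requireUnique(ids);

        // Same loop bounds as the snippet in the recommendation.
        for (uint256 i = ids.length - 1; i > 0; i--) {
            emit Combined(ids[0], ids[i]); // placeholder for the merge logic
        }
    }
}
```

Calling `combine` with `[1, 2, 1]` or `[3, 5, 5]` reverts with `DuplicateId`, while `[1, 2, 3]` proceeds to the merge loop.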

Updates

Lead Judging Commences

0xnevi Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-534
