Severity: high
Valid

PuppyRaffle::enterRaffle() and PuppyRaffle::selectWinner() vulnerable to DoS attack.

Summary

The enterRaffle() function is vulnerable to a DoS attack. Nothing guarantees that each entrant is a unique person: one person can create different accounts and enter the raffle with all of them, so that when the next person tries to enter, the function reverts due to the gas limit.

Vulnerability Details

So, a person who enters the raffle with different accounts can prevent other people from participating.
The selectWinner() function also suffers from DoS, because it calculates totalAmountCollected incorrectly.
When people call the refund function, address(0) is written at their position, but totalAmountCollected is calculated from the length of the players array. Once a refund has been made, the number of active players no longer equals that length, so the amount is always wrong and, as a result, selectWinner will always revert.

So, if one creates different accounts and enters the raffle with them so that no new person can enter due to gas limitations, and then calls refund from all of those accounts, selectWinner() will calculate totalAmountCollected incorrectly and always revert, and there is no way to reset the raffle.

Impact

No one can participate in the raffle in the case discussed above.

Tools Used

Manual Review

Recommendations

  • Calculate the value of totalAmountCollected correctly by using a counter variable for the total number of players. The counter is incremented when a person enters the raffle and decremented when a person leaves:

    totalAmountCollected = totalActivePlayers * entranceFees

  • Alternatively, to keep calculating totalAmountCollected in the same manner, when a user leaves the raffle replace the address at their index with the address at the last index and pop the last one out.
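
The second recommendation (swap and pop), as an added sketch that is not PuppyRaffle's code or the submitter's. The contract name `RaffleSketch`, its function names and the single `entranceFee` value are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not PuppyRaffle's code: the contract, function and
// variable names here are hypothetical.
contract RaffleSketch {
    uint256 public immutable entranceFee;
    address[] public players; // active players only, never address(0) gaps

    constructor(uint256 fee) {
        entranceFee = fee;
    }

    function enter() external payable {
        require(msg.value == entranceFee, "wrong fee");
        players.push(msg.sender);
    }

    // Swap and pop: move the last player into the vacated slot, then shrink
    // the array, so players.length always equals the active player count.
    function refund(uint256 idx) external {
        require(idx < players.length, "bad index");
        // Indices shift after other refunds, so re-check slot ownership.
        require(players[idx] == msg.sender, "not your slot");

        uint256 last = players.length - 1;
        if (idx != last) {
            players[idx] = players[last];
        }
        players.pop();

        // State is updated before the external call
        // (checks-effects-interactions).
        (bool ok, ) = payable(msg.sender).call{value: entranceFee}("");
        require(ok, "refund failed");
    }

    // With refunded slots removed, this equals the ether actually held for
    // the round, so a payout computed from it cannot exceed the balance.
    function totalAmountCollected() public view returns (uint256) {
        return players.length * entranceFee;
    }
}
```

Swap and pop reorders the array, so an index a caller looked up earlier can be stale by the time refund runs; the ownership check makes that case revert instead of refunding the wrong slot.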

Updates

Lead Judging Commences

Hamiltonite Lead Judge about 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

denial-of-service-in-enter-raffle

refund-doesnt-reduce-players-array-size-causing-protocol-to-freeze

zero address can win the raffle

Funds are locked to no one. If someone gets the refund issue, they also got this issue. IMPACT: High Likelihood: High
