Submission Details
Severity: medium
Valid

Duplicate Player Check Inefficiency and Risk of Denial of Service (DoS) Due to Array Reset Method

Vulnerability Details

The enterRaffle function uses a nested loop structure to check for duplicate player entries. Each new player is compared against all existing players in the array, resulting in a computational complexity of O(n^2), where n is the number of players:

    // Check for duplicates
    for (uint256 i = 0; i < players.length - 1; i++) {
        for (uint256 j = i + 1; j < players.length; j++) {
            require(players[i] != players[j], "PuppyRaffle: Duplicate player");
        }
    }

This inefficiency is further amplified by the way the players array is reset in the contract. Instead of truly deleting the array, the contract uses delete players;, which only resets the array elements to their default values but does not clear the array's length. This mechanism leads to an ever-growing array size, even though the actual active elements are reset:

delete players;

Impact

  • Heightened Risk of DoS Attacks: The combination of inefficient duplicate checks and the improper reset method of the array significantly increases the risk of DoS attacks. An attacker can exploit these vulnerabilities to make the enterRaffle function practically unusable due to the high gas cost, effectively preventing legitimate participation.

  • Excessive Gas Costs: The quadratic complexity of the duplicate check, combined with an ever-growing array size, leads to prohibitively high gas costs, especially for large player arrays.

  • Scalability Concerns: The current implementation presents serious scalability issues, limiting the practical use of the contract for larger raffles and diminishing user experience due to potential transaction failures.

Recommendations

  • Implement Efficient Duplicate Checking: Use a mapping to keep track of whether an address has already entered the raffle, reducing the complexity of checking for duplicates to O(1) for each entry.

  • Proper Array Management: Modify the method of resetting the players array to actually clear its length, or consider alternative data structures for managing player entries.

  • Participant Entry Limits: Set a cap on the number of participants per raffle to control the size of the player array.

  • Batch Processing and Gas Optimization: If expecting a high volume of participants, consider batch processing entries and optimize the contract for gas efficiency.
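
A sketch of the mapping-based duplicate check and the participant cap recommended above, added here as an illustration and not taken from the PuppyRaffle code base. The contract name, the enterRaffle signature, MAX_PLAYERS, raffleId, enteredInRound and _resetRaffle are assumptions; winner selection and payout are left out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; every name except enterRaffle and players is hypothetical.
contract RaffleEntrySketch {
    uint256 public constant MAX_PLAYERS = 100; // assumed cap per raffle
    uint256 public immutable entranceFee;

    address[] public players;
    uint256 public raffleId = 1; // current round, bumped on every reset
    // player => round in which the address last entered (0 = never entered)
    mapping(address => uint256) private enteredInRound;

    constructor(uint256 _entranceFee) {
        entranceFee = _entranceFee;
    }

    function enterRaffle(address[] calldata newPlayers) external payable {
        require(msg.value == entranceFee * newPlayers.length, "Wrong fee");
        // The cap bounds both the array size and the loop below.
        require(players.length + newPlayers.length <= MAX_PLAYERS, "Raffle full");

        for (uint256 i = 0; i < newPlayers.length; i++) {
            address player = newPlayers[i];
            // One storage read per entrant, independent of players.length.
            // Writing before the next iteration also rejects a duplicate
            // that appears twice inside the same newPlayers batch.
            require(enteredInRound[player] != raffleId, "Duplicate player");
            enteredInRound[player] = raffleId;
            players.push(player);
        }
    }

    // Intended to run after a winner has been selected.
    function _resetRaffle() internal {
        delete players;
        // Bumping the round id invalidates all mapping entries at once,
        // so no loop over past entrants is needed to clear them.
        raffleId++;
    }
}
```

With this layout the gas cost of an entry grows with the size of the submitted batch only, not with the number of players already in the raffle.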

Updates

Lead Judging Commences

Hamiltonite Lead Judge about 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

denial-of-service-in-enter-raffle
