First Flight #2: Puppy Raffle

First Flight #2

Beginner FriendlyFoundryNFT

100 EXP

View results

Previous Next

Submission Details

Severity: low

Valid

entranceFee should have a minimum value

anarcheuz

Summary

entranceFee should have a minimum value.

Vulnerability Details

If the value is too small, then prizePool will be zero:

uint256 totalAmountCollected = players.length * entranceFee;

uint256 prizePool = (totalAmountCollected * 80) / 100; // @audit: resolution issue

Technically if players.length * entranceFee * totalAmountCollected < 100, then it will be 0.
This is because solidity only do integer division, if there is a remainder, then it is discarded.

Impact

This is not a situation that occurs very often, as such impact is not high. But it is worth considering that under certain conditions, the prize pool or the fees could be zero. This could incur reputational damage for the protocol, and a very small amount of funds lost.

Tools Used

Manual Review.

Recommendations

Check for a minimum value for entranceFee in the constructor or increase the precision of the calculation.

Updates

Lead Judging Commences

patrickalphac Lead Judge about 2 years ago

Submission Judgement Published

Validated

Assigned finding tags:

loss of precision

like 1 wei

Rewards breakdown

nSLOC

143

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!