First Flight #2: Puppy Raffle

First Flight #2

Beginner FriendlyFoundryNFT

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Strict Balance Equality Check in withdrawFees Function

charalab0ts

Summary

PuppyRaffle.withdrawFees() (src/PuppyRaffle.sol#157-163) uses a dangerous strict equality when comparing the contract's balance with the total fees

Vulnerability Details

require(bool,string)(address(this).balance == uint256(totalFees),PuppyRaffle: There are currently players active!)

The withdrawFees() function in the PuppyRaffle contract uses a strict equality check to ensure that the contract's balance is equal to the total fees before allowing the withdrawal. This could potentially be a problem if there are any discrepancies between the contract's balance and the total fees, even if they are due to reasons outside of the contract's control

Impact

fund lockup

Tools Used

-Slither detector
-Manual

Recommendations

require(address(this).balance >= uint256(totalFees), "PuppyRaffle: There are currently players active!");

PoC

Code

function testWithdrawFeesDiscrepancy() public playersEntered {

// Move the block timestamp forward to simulate the end of the raffle

vm.warp(block.timestamp + duration + 1);

vm.roll(block.number + 1);

// Calculate the expected prize amount

uint256 expectedPrizeAmount = ((entranceFee * 4) * 20) / 100;

// Select a winner

puppyRaffle.selectWinner();

// Send a small amount of Ether to the contract to create a discrepancy

address(puppyRaffle).call{value: 1}("");

// Try to withdraw the fees

bool success = true;

try puppyRaffle.withdrawFees() {

} catch {

success = false;

}

// Check that the withdrawFees function failed

assertFalse(success);

// Check that the feeAddress's balance is less than the expected prize amount

assertTrue(address(feeAddress).balance < expectedPrizeAmount);

}

Updates

Lead Judging Commences

Hamiltonite Lead Judge about 2 years ago

Submission Judgement Published

Validated

Assigned finding tags:

greifers-send-money-to-contract-to-block-withdrawfees

Rewards breakdown

nSLOC

143

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!