Beginner FriendlyFoundryNFT
100 EXP
View results
Submission Details
Severity: high
Valid

Player can't enter raffle

Summary

Vulnerability Details

If any two players wants to refund then the enterRaffle can be available anymore because when the two players are called the "refund" function the the indexes are filled with the address(0). so when the enterRaflle is called by someother player it checks the existance of duplicates and it considers the addresses(0) as duplicates and will revert all the time.

Impact

High

Tools Used

Manual review

Updates

Lead Judging Commences

Hamiltonite Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

refund-doesnt-reduce-players-array-size-causing-protocol-to-freeze

zero address can win the raffle

Funds are locked to no one. If someone gets the refund issue, they also got this issue. IMPACT: High Likelihood: High

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.