Tags: Beginner Friendly, Foundry, NFT
100 EXP
Submission Details
Severity: medium
Valid

`require(address(this).balance == uint256(totalFees)` in function `withdrawFees` is not strict

Summary

The check `require(address(this).balance == uint256(totalFees))` in function `withdrawFees` is not strict enough.

Vulnerability Details

`require(address(this).balance == uint256(totalFees), "PuppyRaffle: There are currently players active!");`

This check does not cover the following cases:
1. If no one has entered the raffle, the condition is always true, so the function can be called and does useless work.
2. If someone has already called `withdrawFees`, setting `totalFees` to 0, this condition can make everyone think that "There are currently players active!".
3. Comparing `address(this).balance`, a value anyone can change by sending ETH to the contract, against `totalFees` can lead to many problems.

Impact

1. Someone can monitor both `address(this).balance` and `totalFees` and make the condition never hold by transferring ETH to `address(this)` so that the balance no longer equals `totalFees`.
2. Anyone can call `withdrawFees` multiple times.

Tools Used

Manual
Foundry

Recommendations

The condition that allows calling `withdrawFees` should be checked strictly.
Withdrawal should only be allowed after the winner has been selected, so an explicit boolean state should be defined, for example `isCANWITHDRAW`.
Each call to `selectWinner` sets `isCANWITHDRAW` to true, and it is set back to false after withdrawing.
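As an added illustration (not the submitter's or PuppyRaffle's own code), the weak balance check is shown next to a version following the recommendation above; the contract layout, the variable types, the 20% fee and the simplified `selectWinner` are assumptions made for the example:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Illustrative contract, not PuppyRaffle's actual code: the fee-withdrawal
// pattern the finding describes, with the weak check beside a hardened one.
contract FeeWithdrawalExample {
    address public feeAddress;
    address[] public players;   // assumed: emptied when a winner is selected
    uint64 public totalFees;    // assumed type, matching the report's uint256(totalFees) cast
    bool public isCANWITHDRAW;  // explicit state flag from the recommendation

    constructor(address _feeAddress) { feeAddress = _feeAddress; }
    function enterRaffle() external payable { players.push(msg.sender); }

    // Stand-in for the real selectWinner: pays the prize, books the fee share, ends the raffle.
    function selectWinner() external {
        require(players.length > 0, "no players");
        uint256 pot = address(this).balance - totalFees; // exclude fees not yet withdrawn
        uint256 fee = pot / 5;                           // assumed 20% fee, for illustration
        address winner = players[0];                     // placeholder: real selection is randomized
        totalFees += uint64(fee);
        delete players;
        isCANWITHDRAW = true;
        (bool ok,) = winner.call{value: pot - fee}("");
        require(ok, "prize transfer failed");
    }

    // WEAK: exact balance match. Stray ETH breaks the equality (point 3); with
    // totalFees == 0 and an empty contract it passes for a useless call (points 1, 2).
    function withdrawFeesWeak() external {
        require(address(this).balance == uint256(totalFees), "PuppyRaffle: There are currently players active!");
        uint256 feesToWithdraw = totalFees;
        totalFees = 0;
        (bool ok,) = feeAddress.call{value: feesToWithdraw}("");
        require(ok, "PuppyRaffle: Failed to withdraw fees");
    }

    // HARDENED: gate on raffle state and fee accounting, never on the raw balance,
    // so stray ETH cannot block withdrawal and an empty withdrawal is rejected.
    function withdrawFees() external {
        require(isCANWITHDRAW, "PuppyRaffle: There are currently players active!");
        uint256 feesToWithdraw = totalFees;
        require(feesToWithdraw > 0, "PuppyRaffle: no fees to withdraw");
        isCANWITHDRAW = false;   // reset state before the external call
        totalFees = 0;
        (bool ok,) = feeAddress.call{value: feesToWithdraw}("");
        require(ok, "PuppyRaffle: Failed to withdraw fees");
    }
}
```

A Foundry test that force-sends ETH to the deployed contract (for example via `vm.deal` on the contract address) should see `withdrawFeesWeak` revert while `withdrawFees` still succeeds after `selectWinner`.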

Updates

Lead Judging Commences

Hamiltonite (Lead Judge), over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

greifers-send-money-to-contract-to-block-withdrawfees
