First Flight #2: Puppy Raffle

First Flight #2

Beginner FriendlyFoundryNFT

100 EXP

View results

Previous Next

Submission Details

Severity: high

Valid

Low/QA

00decree

[Low] Arithmetic operation overflow/underflow may lead to unintended behaviour.

Prior to Solidity 0.8, Arithmetic overflow/underflow can occur and lead to unintended behavior.

131: uint256 totalAmountCollected = players.length * entranceFee;

132: uint256 prizePool = (totalAmountCollected * 80) / 100;

133: uint256 fee = (totalAmountCollected * 20) / 100;

github: [link] (https://github.com/Cyfrin/2023-10-Puppy-Raffle/blob/e01ef1124677fb78249602a171b994e1f48a1298/src/PuppyRaffle.sol#L131-L133)

Recommendations

implement OpenZeppelin's SafeMath.

[Low] State Address Changes Should Be a Two-Step Procedure

Direct state address changes in a function can be risky, as they don't allow for a verification step before the change is made. It's safer to implement a two-step process where the new address is first proposed, then later confirmed, allowing for more control and the chance to catch errors or malicious activity.

167: function changeFeeAddress(address newFeeAddress) external onlyOwner {

168: feeAddress = newFeeAddress;

169: emit FeeAddressChanged(newFeeAddress);

170: }

github: link

[Low] Unsafe downcasting may lead to unexpected behaviour.

Downcasting from a larger integer type to a smaller one without checks can lead to unexpected behavior if the value of the larger integer is outside the range of the smaller one. This could lead to unexpected results due to overflow.

133: uint256 fee = (totalAmountCollected * 20) / 100;

134: totalFees = totalFees + uint64(fee);

github: link

Recommendation

Implement OpenZeppelin's SafeCast OR check for overflow when downcasting.

[QA] Remove unused internal function for code clarity.

The following internal function is not found to be used anywhere. This can lead to confusion and clutter, making the code harder to understand and maintain.

173: function _isActivePlayer() internal view returns (bool) {

174: for (uint256 i = 0; i < players.length; i++) {

175: if (players[i] == msg.sender) {

176: return true;

177: }

178: }

179: return false;

180: }

github: link

Updates

Lead Judging Commences

patrickalphac Lead Judge almost 2 years ago

Submission Judgement Published

Validated

Assigned finding tags:

unsafe cast of fee to uint64

loss of precision

like 1 wei

Rewards breakdown

nSLOC

143

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.