Christmas timezone + arbitrum boundry
Vulnerability Details
The checked timestamp is in the day before Christmas in some timezone, e.g. for Pacific/Honolulu it's Sunday December 24, 2023 18:59:41 which should be acceptable but with Arbitrum the lower boundary for the block timestamp is 24 hours earlier than the current time (for more information). This means that in those timezone the gift could be claimed on December 23.
Impact
In some timezone the gift could be claimed on December 23
Recommendations
Specify in the README and in the function comment that the protocol consider the Christmas of UTC.
Alternatively change the CHRISTMAS_2023_BLOCK_TIME to be slightly after noon on Christmas, having a Christmas date even for the -12 timezone and a slightly after Christmas for the +12 timezone which may be change only 1 hour ahead by the Arbitrum sequencer remaining in the 24h range.
Lead Judging Commences
Hawaii gets christmas early
The unix timestamp provided in combination with the 24 hour arbitrum boundary problem would in fact allow the timezone PST, MST and CST to claim presents earlier than 24 hours before christmas by 3, 2 and 1 hours respectively.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.