Beginner FriendlyFoundry
100 EXP
View results
Submission Details
Severity: low
Invalid

Misleading Error Name for Partially Eligible Users in Present Collection

Vulnerability Details

In the collectPresent function, there's a misleading error when users with mixed statuses (NICE on one list, EXTRA_NICE on the other) attempt to collect their presents. The function's strict check requires users to have identical statuses on both s_theListCheckedOnce and s_theListCheckedTwice lists to collect a present. If these conditions are not met, the function reverts with SantasList__NotNice, which is misleading since the user is NICE on at least one list.

if (s_theListCheckedOnce[msg.sender] == Status.NICE && s_theListCheckedTwice[msg.sender] == Status.NICE) {
_mintAndIncrement();
return;
} else if (
s_theListCheckedOnce[msg.sender] == Status.EXTRA_NICE
&& s_theListCheckedTwice[msg.sender] == Status.EXTRA_NICE
) {
_mintAndIncrement();
i_santaToken.mint(msg.sender);
return;
}
revert SantasList__NotNice(); //@audit misleading error is user is NICE on one list and EXTRA_NICE on the other

Impact

  1. User Confusion: Eligible users may be confused by the misleading error message.

  2. Inconsistent Reward Distribution: Users partially meeting the criteria are unfairly denied rewards.

Recommendations

  1. Clear Error Messages: Update the error message to accurately reflect the user's eligibility status.

  2. Adjust Eligibility Criteria: Modify the eligibility criteria to accommodate users with mixed statuses.

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.