First Flight #5: Santa's List
First Flight #5
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Valid

Mismatched Cost in buyPresent Function, Allows for Lower-Cost Exploitation

0xtheblackpanther

Summary

The contract contains a discrepancy in the cost calculation for purchasing presents. The intended cost is specified as 2e18, but the burn function, which is responsible for deducting the cost from the user, is currently burning 1e18. This mismatch may allow users to exploit the contract and purchase presents at a lower cost than intended.

Vulnerability Details

The vulnerability lies in the burn function, which is used to deduct SantaTokens when a user purchases a present. The parameter passed to _burn is inconsistent with the intended cost, leading to a mismatch between the intended cost and the actual deduction.

Impact

If exploited, users could purchase presents at a lower cost than intended, potentially disrupting the economic balance of the contract.

Tools Used

  • Manual Review

Recommendations

  • Update the burn function's parameter in SantaToken to match the intended cost (2e18).

function burn(address from) external {
if (msg.sender != i_santasList) {
revert SantaToken__NotSantasList();
}
_burn(from, 2e18);
}
Updates

Lead Judging Commences

inallhonesty Lead Judge almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

Price is not enforced in buyPresent

This line indicates that the intended cost of presents for naughty people should be 2e18: https://github.com/Cyfrin/2023-11-Santas-List/blob/6627a6387adab89ae2ba2e82b38296723261c08a/src/SantasList.sol#L87 PURCHASE_PRESENT_COST should be implemented to enforce the cost of presents.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.