The zero-value of the Status enum is NICE
The default value of an enum is its first element (the value 0), so if a person's status has not been explicitly set, it will be considered NICE. This means that anyone whose status has not been explicitly set can potentially perform actions restricted to NICE people.
The vulnerability in the code has two critical implications. The first one pertains to the validation process in the checkTwice function:
In cases where Santa intends to perform a second check on a person with a status of NICE, there is a potential vulnerability. The check ensuring that the person has been previously checked can be inadvertently bypassed if their status was not explicitly set. This poses a risk that a person can be checked twice without having been checked the first time.
The second concern is more severe: any individual whose status has not been explicitly set can invoke the collectPresent function after the period of Christmas and obtain an NFT.
The heightened risk arises from the default value of the enum, which enables any individual whose status is unspecified to execute the collectPresent function and receive an NFT. This poses a substantial security concern that needs to be addressed to ensure the intended access restrictions are maintained.
First vulnerability:
Second Vulnerability:
Manual Analysis
Consider changing the order of the Status enum elements. Because the first element is the zero value, the first element should be UNKNOWN.
In Solidity, the first element of an enum is the default value. In Santa's List, this means each person is mapped by default to 'NICE'.
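The default-value behaviour and the recommended reordering, side by side, as an added example that is not the Santa's List contract. Only Status, NICE and the suggested UNKNOWN come from the finding; the contract, the SafeStatus enum, the NAUGHTY member, the mappings and the function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; not the Santa's List contract. Every name except
// Status, NICE and UNKNOWN is hypothetical.
contract EnumDefaultDemo {
    // Weak ordering: NICE is element 0, so it is also the zero value.
    enum Status { NICE, NAUGHTY }

    // Corrected ordering: element 0 is a sentinel that grants nothing.
    enum SafeStatus { UNKNOWN, NICE, NAUGHTY }

    address private immutable owner = msg.sender;

    mapping(address => Status) private weakStatus;
    mapping(address => SafeStatus) private safeStatus;

    // Stand-in for the explicit check performed by the list owner.
    function setNice(address person) external {
        require(msg.sender == owner, "not owner");
        weakStatus[person] = Status.NICE;
        safeStatus[person] = SafeStatus.NICE;
    }

    // True for every address that was never written to the mapping,
    // because an unset slot reads as Status(0), which is Status.NICE.
    function passesWeakCheck(address person) external view returns (bool) {
        return weakStatus[person] == Status.NICE;
    }

    // False until setNice(person) has been called, because an unset
    // slot reads as SafeStatus.UNKNOWN.
    function passesSafeCheck(address person) external view returns (bool) {
        return safeStatus[person] == SafeStatus.NICE;
    }
}
```

A regression test for the fix should call the restricted function from an address that was never passed to the status setter and expect a revert.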