Submission Details
Severity: high
Valid

NICE status as default

Summary

Because NICE is the default status, non-checked users may bypass the status checks in the SantasList contract and mint NFTs.

Vulnerability Details

The enum Status has NICE in the first position. In Solidity, each enum member is represented by a number under the hood, so the first member, NICE, is 0. Entries that were never written in the mappings s_theListCheckedOnce and s_theListCheckedTwice also read as the default value 0. This means that all users are considered NICE by default, which grants them access to the collectPresent function.

Impact

Non-checked users can mint NFTs regardless of their actual status.

POC

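function testInvalidUserClaimNFT() external {
    // Warp to just after CHRISTMAS_2023_BLOCK_TIME.
    vm.warp(santasList.CHRISTMAS_2023_BLOCK_TIME() + 1);
    // `user` has not been checked in either list.
    vm.startPrank(user);
    santasList.collectPresent();
    vm.stopPrank();
    // The non-checked user still holds one NFT.
    assertEq(santasList.balanceOf(user), 1);
}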

Tools Used

Foundry

Recommendations

Consider using NAUGHTY as the default status, so that users who have not been checked are not treated as NICE.
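
The two enum orderings side by side, as an added sketch that is not the SantasList source: the contract names, the onlySanta modifier and the functions checkList, checkTwice and mayCollect are assumptions, and only NICE, NAUGHTY and the two mapping names come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the SantasList source. Contract and function names
// are hypothetical; the enum is reduced to the two members the finding names.

contract DefaultNiceList {
    // Vulnerable ordering: NICE is member 0, the value an unset mapping slot reads as.
    enum Status { NICE, NAUGHTY }

    mapping(address => Status) private s_theListCheckedOnce;
    mapping(address => Status) private s_theListCheckedTwice;

    // Returns true for any address that was never written to either mapping.
    function mayCollect(address person) external view returns (bool) {
        return s_theListCheckedOnce[person] == Status.NICE
            && s_theListCheckedTwice[person] == Status.NICE;
    }
}

contract DefaultNaughtyList {
    // Hardened ordering: the zero value is the denying status.
    enum Status { NAUGHTY, NICE }

    address private immutable i_santa;
    mapping(address => Status) private s_theListCheckedOnce;
    mapping(address => Status) private s_theListCheckedTwice;

    constructor() { i_santa = msg.sender; }

    modifier onlySanta() {
        require(msg.sender == i_santa, "not santa");
        _;
    }

    function checkList(address person, Status status) external onlySanta {
        s_theListCheckedOnce[person] = status;
    }

    function checkTwice(address person, Status status) external onlySanta {
        require(s_theListCheckedOnce[person] == status, "first check differs");
        s_theListCheckedTwice[person] = status;
    }

    // An address passes only after both checks explicitly stored NICE.
    function mayCollect(address person) external view returns (bool) {
        return s_theListCheckedOnce[person] == Status.NICE
            && s_theListCheckedTwice[person] == Status.NICE;
    }
}
```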

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

default status is nice

In Solidity the first element of an enum is the default value. In Santa's List, this means each person is mapped by default to 'NICE'.
