First Flight #5: Santa's List
First Flight #5
Submission Details
Severity: high
ValidNaughty Elves Created a Backdoor to Reallocate Users Balances
Updates
Lead Judging Commences
Submission Judgement Published
Validated
Assigned finding tags:
unauthorized elf wallet approval in solmate-bad
Some sneaky elf has changed this library to a corrupted one where his wallet address skips all the approval checks for SantaToken! Shenanigans here - https://github.com/PatrickAlphaC/solmate-bad/blob/c3877e5571461c61293503f45fc00959fff4ebba/src/tokens/ERC20.sol#L88
Rewards breakdown
nSLOC
116This contest has a flat reward structure with the following payouts:
High
100 EXP
Medium
20 EXP
Low
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.