First Flight #5: Santa's List

First Flight #5

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

`checkList()` and `checkTwice()` can be called way into the future, even after Christmas

t0x1c

Summary

Even after Christmas has arrived and the list has been prepared, it can be modified which can lead to a user not being able to collect their present.

Vulnerability Details

The current implementation opens up a possibility that a user will be able to claim his present only if he does so fast enough once Christmas arrives. Imagine the following flow:

Santa marks Alice as EXTRA_NICE (checked twice)
block.timestamp = CHRISTMAS_2023_BLOCK_TIME (Christmas arrives)
Alice is sick for a few days, so she can not collect her present via collectPresent(). She does check her status via the view function getNaughtyOrNiceTwice() and is happy to see she has been marked eligible. She plans to collect her present later upon getting better.
A day later, Santa clears his list for the season and marks everyone as NOT_CHECKED_TWICE. Since there are no events or view functions to check if a person has collected their present, he can't know who all have still not collected their presents.
Alice gets healthy again, only to find that her call to collectPresent() reverts on L165

Impact

User can lose out on their eligible presents.

Tools Used

Manual inspection

Recommendations

Add a constraint that checkList() and checkTwice() can be called only until Christmas eve, or maybe until (timestamp: 1_703_635_200), but choose a deadline :

* @notice Do a first pass on someone if they are naughty or nice.

* Only callable by santa

* @param person The person to check

* @param status The status of the person

function checkList(address person, Status status) external {

+ require(block.timestamp < CHRISTMAS_2023_BLOCK_TIME);

s_theListCheckedOnce[person] = status;

emit CheckedOnce(person, status);

}

* @notice Do a second pass on someone if they are naughty or nice.

* Only callable by santa. Only if they pass this are they eligible for a present.

* @param person The person to check

* @param status The status of the person

function checkTwice(address person, Status status) external onlySanta {

+ require(block.timestamp < CHRISTMAS_2023_BLOCK_TIME);

if (s_theListCheckedOnce[person] != status) {

revert SantasList__SecondCheckDoesntMatchFirst();

}

s_theListCheckedTwice[person] = status;

emit CheckedTwice(person, status);

}

Updates

Lead Judging Commences

inallhonesty Lead Judge almost 2 years ago

Submission Judgement Published

Invalidated

Reason: Design choice

Assigned finding tags:

collectPresent is callable after Christmas

check on block.timestamp only requires that christmas has arrived. The protocol explicitly states that after christmas has passed (give or take 24 hours) collecting shouldn't be possible.

Rewards breakdown

nSLOC

116

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.