Submission Details
Severity:
Mismatch fallback functionality
Description: The Huff implementation of HorseStore uses HorseStore::MINT_HORSE as a fallback function. This would cause a mismatch
in functionality between the Huff and Solidity implementation
Impact: Meddium - low
Recommendation:
Code
#define macro MAIN() = takes (0) returns (0) {
// Identify which function is being called.
0x00 calldataload 0xE0 shr
dup1 __FUNC_SIG(totalSupply) eq totalSupply jumpi
dup1 __FUNC_SIG(feedHorse) eq feedHorse jumpi
dup1 __FUNC_SIG(isHappyHorse) eq isHappyHorse jumpi
dup1 __FUNC_SIG(horseIdToFedTimeStamp) eq horseIdToFedTimeStamp jumpi
dup1 __FUNC_SIG(mintHorse) eq mintHorse jumpi
dup1 __FUNC_SIG(HORSE_HAPPY_IF_FED_WITHIN) eq horseHappyIfFedWithin jumpi
dup1 __FUNC_SIG(approve) eq approve jumpi
dup1 __FUNC_SIG(setApprovalForAll) eq setApprovalForAll jumpi
dup1 __FUNC_SIG(transferFrom) eq transferFrom jumpi
dup1 __FUNC_SIG(name) eq name jumpi
dup1 __FUNC_SIG(symbol) eq symbol jumpi
dup1 __FUNC_SIG(tokenURI) eq tokenURI jumpi
dup1 __FUNC_SIG(supportsInterface)eq supportsInterface jumpi
dup1 __FUNC_SIG(getApproved) eq getApproved jumpi
dup1 __FUNC_SIG(isApprovedForAll) eq isApprovedForAll jumpi
dup1 __FUNC_SIG(balanceOf) eq balanceOf jumpi
dup1 __FUNC_SIG(ownerOf)eq ownerOf jumpi
totalSupply:
GET_TOTAL_SUPPLY()
feedHorse:
FEED_HORSE()
isHappyHorse:
IS_HAPPY_HORSE()
mintHorse:
MINT_HORSE()
horseIdToFedTimeStamp:
GET_HORSE_FED_TIMESTAMP()
horseHappyIfFedWithin:
HORSE_HAPPY_IF_FED_WITHIN()
approve:
APPROVE()
setApprovalForAll:
SET_APPROVAL_FOR_ALL()
transferFrom:
TRANSFER_FROM()
name:
NAME()
symbol:
SYMBOL()
tokenURI:
TOKEN_URI()
supportsInterface:
SUPPORTS_INTERFACE()
getApproved:
GET_APPROVED()
isApprovedForAll:
IS_APPROVED_FOR_ALL()
balanceOf:
BALANCE_OF()
ownerOf:
OWNER_OF()
- MINT_HORSE()
}
Updates
Lead Judging Commences
inallhonesty
over 1 year ago
inallhonesty over 1 year ago
Submission Judgement Published Assigned finding tags:
MAIN() macro is not properly implemented
Any call data sent to the contract that doesn't contain a function selector will randomly mint a horse.
Rewards breakdown
nSLOC
460This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.