First Flight #7: Horse Store
First Flight #7
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: high
Valid

`HorseStore.huff::FEED_HORSE()` reverts for any block.timestamp `mod` 0x11, making it impossible to feed the horse.

Turetos

Summary

The HorseStore.huff::FEED_HORSE() macro exhibits different functionality with respect to timestamps modulo 0x11, resulting in a
revert and divergent behavior from its Solidity counterpart.

Vulnerability Details

When calling HorseStore.huff::FEED_HORSE() with a block.timestamp modulo 0x11, the code below directs it to jump to the revert.

#define macro FEED_HORSE() = takes (0) returns (0) {
timestamp // [timestamp]
0x04 calldataload // [horseId, timestamp]
STORE_ELEMENT(0x00) // []
// End execution
@> 0x11 timestamp mod
endFeed jumpi
revert
endFeed:
stop
}

Impact

Calling the FEED_HORSE() macro with a timestamp modulo 0x11 triggers a revert, rendering it impossible to feed the horse.
This behavior diverges from its Solidity counterpart.

Tools Used

Stateful fuzzing with Foundry and Manual review

Recommendations

Please consider removing the marked lines below to ensure that the Huff version of the protocol behaves in the same manner as its Solidity
counterpart.

#define macro FEED_HORSE() = takes (0) returns (0) {
timestamp // [timestamp]
0x04 calldataload // [horseId, timestamp]
STORE_ELEMENT(0x00) // []
// End execution
- 0x11 timestamp mod
- endFeed jumpi
- revert
- endFeed:
stop
}
Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

FEED_HORSE() macro does not allow users to feed a horse if the timestamp is divisible by 17

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.