Submission Details
Severity:
feedHorse() in Solidity never reverts at all times, but feedHorse() in Huff reverts if timestamp is divisible by 0x11
Summary
feedHorse() in Solidity never reverts at all times, but feedHorse() in Huff reverts if timestamp is divisible by 0x11
Vulnerability Details
In the Solidity implementation, feedHorse() should never revert
But in the Huff implementation, it will only jump to endFeed and stop if timestamp is not divisible by 0x11, otherwise it will revert
// End execution
0x11 timestamp mod
endFeed jumpi
revert
endFeed:
stop
Impact
Unintentional revert on timestamps that are divisible by 0x11
PoC
function testFeedHorseTimestampRevert() public {
uint256 horseId = horseStore.totalSupply();
vm.prank(user);
vm.warp(0x11);
horseStore.mintHorse();
horseStore.feedHorse(horseId);
}
Running 1 test for test/HorseStoreSolidity.t.sol:HorseStoreSolidity
[PASS] testFeedHorseTimestampRevert() (gas: 113658)
Test result: ok. 1 passed; 0 failed; 0 skipped; finished in 1.92ms
Running 1 test for test/HorseStoreHuff.t.sol:HorseStoreHuff
[FAIL. Reason: EvmError: Revert] testFeedHorseTimestampRevert() (gas: 9079256848778900212)
Test result: FAILED. 0 passed; 1 failed; 0 skipped; finished in 654.13ms
Tools Used
Manual review
Recommendations
Remove the code in the Huff implementation that revert the function call if timestamp if divisible by 0x11
Updates
Lead Judging Commences
inallhonesty over 1 year ago
Submission Judgement Published Assigned finding tags:
FEED_HORSE() macro does not allow users to feed a horse if the timestamp is divisible by 17
Rewards breakdown
nSLOC
460This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.