Submission Details
Severity: medium
Invalid

Player can battle betting 0 tokens

Summary

Function goOnStageOrBattle() does not check for _credBet > 0. Players can participate without betting any tokens.

Vulnerability Details

goOnStageOrBattle() accepts _credBet == 0. Because credToken.transferFrom(msg.sender, address(this), 0) succeeds, the caller's rapper is escrowed and the caller becomes the defender with no Cred at stake. Any player can therefore occupy the defender position without risking their tokens.

Impact

Players are incentivized to battle continuously, since each battle is a free chance to increase their rapper's won-battle count with nothing at risk. With many players trying to participate this way, the RapBattle contract becomes effectively unavailable to anyone who wants to bet real Cred.

Tools Used

Manual review.
Foundry testing. POC (in this test setup the first rapper minted by `user` is assumed to receive token ID 0):

function testBattleWithoutCredToken() public {
    vm.startPrank(user);
    // user mints a rapper; the first mint receives token ID 0.
    oneShot.mintRapper();
    // ERC721 approve is per token ID: allow RapBattle to pull token 0.
    // No Cred approval is needed, because a bet of 0 transfers nothing.
    oneShot.approve(address(rapBattle), 0);
    // Go on stage with token 0 and a bet of 0 Cred.
    rapBattle.goOnStageOrBattle(0, 0);
    vm.stopPrank();

    // user now occupies the defender slot without having staked any Cred.
    address defender = rapBattle.defender();
    assertEq(defender, user);
}

Recommendations

Reject a zero bet at the top of goOnStageOrBattle(), before either branch runs, so that neither the defender nor the challenger can enter a battle with no Cred at stake:

function goOnStageOrBattle(uint256 _tokenId, uint256 _credBet) external {
+   require(_credBet > 0, "Bet token amount cannot be 0");
    if (defender == address(0)) {
        defender = msg.sender;
        defenderBet = _credBet;
        defenderTokenId = _tokenId;

        emit OnStage(msg.sender, _tokenId, _credBet);

        oneShotNft.transferFrom(msg.sender, address(this), _tokenId);
        credToken.transferFrom(msg.sender, address(this), _credBet);
    } else {
        // credToken.transferFrom(msg.sender, address(this), _credBet);
        _battle(_tokenId, _credBet);
    }
}
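As an added regression test for the recommended guard (example code, not the contest's own; the contract RapBattleFixed, the two token mocks, the test contract and the forge-std / "@openzeppelin/contracts" remappings are assumptions), the following Foundry file models only the "go on stage" branch and checks both sides of the fix: a 0-Cred bet reverts and escrows nothing, while a 1-Cred bet escrows both the rapper and the Cred.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not the contest's code): a minimal RapBattle-style contract that
// carries the recommended zero-bet guard, plus a Foundry test proving that a
// 0-Cred bet reverts while a 1-Cred bet is escrowed as expected.
// Assumptions: forge-std and an "@openzeppelin/contracts" remapping are available;
// the contract, mock and test names below are hypothetical.
import {Test} from "forge-std/Test.sol";
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {IERC721} from "@openzeppelin/contracts/token/ERC721/IERC721.sol";

contract MockCred is ERC20 {
    constructor() ERC20("Credibility", "CRED") {}
    function mint(address to, uint256 amount) external { _mint(to, amount); }
}

contract MockRapper is ERC721 {
    constructor() ERC721("OneShot", "RAPPER") {}
    function mint(address to, uint256 id) external { _mint(to, id); }
}

// Only the "go on stage" branch is modelled; the battle branch is out of scope here.
contract RapBattleFixed {
    IERC721 public immutable oneShotNft;
    IERC20 public immutable credToken;

    address public defender;
    uint256 public defenderBet;
    uint256 public defenderTokenId;

    event OnStage(address indexed defender, uint256 tokenId, uint256 credBet);

    constructor(IERC721 _nft, IERC20 _cred) {
        oneShotNft = _nft;
        credToken = _cred;
    }

    function goOnStageOrBattle(uint256 _tokenId, uint256 _credBet) external {
        // Recommended fix: refuse to enter either branch with nothing at stake.
        require(_credBet > 0, "Bet token amount cannot be 0");
        require(defender == address(0), "stage occupied");

        defender = msg.sender;
        defenderBet = _credBet;
        defenderTokenId = _tokenId;
        emit OnStage(msg.sender, _tokenId, _credBet);

        oneShotNft.transferFrom(msg.sender, address(this), _tokenId);
        credToken.transferFrom(msg.sender, address(this), _credBet);
    }
}

contract ZeroBetRegressionTest is Test {
    MockCred cred;
    MockRapper rapper;
    RapBattleFixed battle;
    address user = makeAddr("user");

    function setUp() public {
        cred = new MockCred();
        rapper = new MockRapper();
        battle = new RapBattleFixed(rapper, cred);
        rapper.mint(user, 0);   // constructed fixture: user owns rapper token 0
        cred.mint(user, 10);    // constructed fixture: user holds 10 Cred
        vm.startPrank(user);
        rapper.approve(address(battle), 0);
        cred.approve(address(battle), 10);
        vm.stopPrank();
    }

    function testZeroBetReverts() public {
        vm.prank(user);
        vm.expectRevert(bytes("Bet token amount cannot be 0"));
        battle.goOnStageOrBattle(0, 0);
        // Nothing was escrowed and the stage is still empty.
        assertEq(battle.defender(), address(0));
        assertEq(rapper.ownerOf(0), user);
    }

    function testNonZeroBetIsEscrowed() public {
        vm.prank(user);
        battle.goOnStageOrBattle(0, 1);
        assertEq(battle.defender(), user);
        assertEq(battle.defenderBet(), 1);
        assertEq(cred.balanceOf(address(battle)), 1);
        assertEq(rapper.ownerOf(0), address(battle));
    }
}
```

Run with `forge test --match-contract ZeroBetRegressionTest`. The first test is the inverse of the POC above: with the guard in place, the zero-bet call can no longer place a rapper on stage.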
Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice
