Severity: high
Valid

Challenger may refuse to pay credToken by not approving 'transferFrom()'

Summary

A challenger may refuse to pay credToken by not approving 'transferFrom()'.

Vulnerability Details

A defender starts a battle, and a challenger joins it without first calling approve(). If the challenger loses, _battle() tries to transfer the challenger's credToken to the defender, and the transfer fails because no allowance was granted.

    if (random <= defenderRapperSkill) {
        // We give them the money the defender deposited, and the challenger's bet
        credToken.transfer(_defender, defenderBet);
        credToken.transferFrom(msg.sender, _defender, _credBet);
    } else {
        // Otherwise, since the challenger never sent us the money, we just give the money in the contract
        credToken.transfer(msg.sender, _credBet);
    }

Example:

  • Alice, as the defender, starts a battle with 100 credToken by calling goOnStageOrBattle().

  • Bob, as the challenger, joins this battle. After the outcome is calculated, Bob loses.

  • The smart contract tries to transfer Bob's 100 credToken to Alice. The transfer fails.

Impact

The defender cannot gain any profit when they win.

Tools Used

Manual

Recommendations

The challenger should still be required to transfer credToken to the smart contract when joining the battle. The smart contract then transfers the related tokens to the winner.
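The recommendation above as a sketch (an added example, not code from the audited contract or from this submission): both stakes are pulled into escrow before the outcome exists, so a missing approval reverts on entry rather than at payout. The contract name, the `_outcome` hook, the signature of `goOnStageOrBattle` and the equal-bet rule are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical contract. Only credToken, defenderBet, _credBet, _defender,
// random and defenderRapperSkill are names quoted in the finding.
abstract contract EscrowedBattle {
    IERC20 public immutable credToken;
    address public defender;
    uint256 public defenderBet;

    constructor(IERC20 _credToken) {
        credToken = _credToken;
    }

    // Left to the implementer: the finding does not show how `random` and
    // `defenderRapperSkill` are derived.
    function _outcome(address _defender, address challenger)
        internal virtual returns (uint256 random, uint256 defenderRapperSkill);

    function goOnStageOrBattle(uint256 _credBet) external {
        bool staging = defender == address(0);
        require(staging || _credBet == defenderBet, "bets must match"); // assumed rule
        // Both roles pay into escrow first. A caller without allowance or
        // balance reverts here, before any outcome exists to walk away from.
        require(credToken.transferFrom(msg.sender, address(this), _credBet), "stake not paid");
        if (staging) {
            defender = msg.sender;
            defenderBet = _credBet;
        } else {
            _battle(_credBet);
        }
    }

    function _battle(uint256 _credBet) internal {
        address _defender = defender;
        uint256 pot = defenderBet + _credBet;
        // Clear state before any payout (checks-effects-interactions).
        defender = address(0);
        defenderBet = 0;
        (uint256 random, uint256 defenderRapperSkill) = _outcome(_defender, msg.sender);
        address winner = random <= defenderRapperSkill ? _defender : msg.sender;
        // The whole pot is already held by the contract, so payout is a plain transfer.
        require(credToken.transfer(winner, pot), "payout failed");
    }
}
```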

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

missing check for sufficient `_credBet_` approval
