Severity: low
Valid

Bad equality in the emission of the event `RapBattle::Battle` might return wrong values

Summary

The comparison used when emitting the event `RapBattle::Battle` does not match the one used for the payout, so the event might report wrong values.

Vulnerability Details

Inside the function `RapBattle::_battle` we have the following snippet:

```solidity
// ...
emit Battle(
    msg.sender,
    _tokenId,
    random < defenderRapperSkill ? _defender : msg.sender
);
// If random <= defenderRapperSkill -> defenderRapperSkill wins, otherwise they lose
if (random <= defenderRapperSkill) {
    // We give them the money the defender deposited, and the challenger's bet
    credToken.transfer(_defender, defenderBet);
    credToken.transferFrom(msg.sender, _defender, _credBet);
} else {
    // Otherwise, since the challenger never sent us the money, we just give the money in the contract
    credToken.transfer(msg.sender, _credBet);
}
// ...
```

As you can see, if the values of `random` and `defenderRapperSkill` are the same, the event reports the attacker (`msg.sender`) as the winner. However, when the rewards are distributed with those variables equal, they are sent to the defender!
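
The tie case can be pinned down with a Foundry regression test. This is an added example, not code from the contest repository: `BattleTieModel`, `BattleTieTest` and `outcome` are hypothetical names, `random` is passed in as a parameter, both values are assumed to be `uint256`, and the `credToken` transfers are replaced by a returned address so the tie can be forced.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Constructed model of the two comparisons quoted from RapBattle::_battle.
// Assumptions: `random` is an input and the payout is a returned address.
contract BattleTieModel {
    function outcome(
        address challenger,
        address defender,
        uint256 random,
        uint256 defenderRapperSkill
    ) external pure returns (address eventWinner, address paidTo) {
        // Same expression as the third argument of `emit Battle(...)`.
        eventWinner = random < defenderRapperSkill ? defender : challenger;
        // Same condition as the payout branch.
        paidTo = random <= defenderRapperSkill ? defender : challenger;
    }
}

contract BattleTieTest is Test {
    BattleTieModel model = new BattleTieModel();
    address challenger = address(0xC0FFEE); // constructed sample address
    address defender = address(0xDEF);      // constructed sample address

    // On a tie the event names the challenger while the defender is paid.
    function test_tieReportsWrongWinner() public {
        (address eventWinner, address paidTo) =
            model.outcome(challenger, defender, 7, 7);
        assertEq(eventWinner, challenger);
        assertEq(paidTo, defender);
    }

    // Everywhere except the tie, the two comparisons agree.
    function testFuzz_agreeOffTie(uint256 random, uint256 skill) public {
        vm.assume(random != skill);
        (address eventWinner, address paidTo) =
            model.outcome(challenger, defender, random, skill);
        assertEq(eventWinner, paidTo);
    }
}
```

Indexers and front ends that derive battle results from the `Battle` event rather than from token balances are the consumers that would see the mismatch.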

Impact

The event might emit wrong information

Tools Used

Manual Review

Recommendations

Use `<=` instead of `<` inside the `emit` statement:

emit Battle(
msg.sender,
_tokenId,
+ random <= defenderRapperSkill ? _defender : msg.sender
- random < defenderRapperSkill ? _defender : msg.sender
);
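
Review bot: On the added `emit Battle` argument, the `<=` comparison now duplicates the condition of the payout branch `if (random <= defenderRapperSkill)`, so the two can drift apart again on a later edit. Consider computing the winner address once into a local variable before the `emit` and using that variable for both the event and the transfer branch. The hunk also lists the `+` line above the `-` line; removal first is the usual order.
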
Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Contradictory battle result event
