Submission Details
Severity:
DoS - A malicious user can call `RapBattle.sol::goOnStageOrBattle` and lock other users out of the Stage
Description:
-
The protocol design allows only one battle at a time. So, a user can battle himself by calling multiple times the
RapBattle::goOnStageOrBattlefunction leading to a pump in his skills and locking the other users out. Because there isn't a penalty to the loser, besides the bet value. -
Impact:
Break the Battle functionality.
-
Proof of Concept:
Add the following code to `OneShotTest.t.sol`
function testPoCGoOnStage() public mintRapper {vm.startPrank(user);oneShot.approve(address(rapBattle), 0);rapBattle.goOnStageOrBattle(0, 0);address defender = rapBattle.defender();assert(defender == address(user));rapBattle.goOnStageOrBattle(0, 1);} -
Recommendation:
See the code recommendation below
function goOnStageOrBattle(uint256 _tokenId, uint256 _credBet) external {if (defender == address(0)) {defender = msg.sender;defenderBet = _credBet;defenderTokenId = _tokenId;emit OnStage(msg.sender, _tokenId, _credBet);oneShotNft.transferFrom(msg.sender, address(this), _tokenId);credToken.transferFrom(msg.sender, address(this), _credBet);} else {+ if(msg.sender == defender){+ revert RapBattle__YouCantBattleYourself();+ }// credToken.transferFrom(msg.sender, address(this), _credBet);_battle(_tokenId, _credBet);}}
-
Rewards breakdown
nSLOC
201This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.