First Flight #10: One Shot

First Flight #10

Beginner FriendlyFoundryNFT

100 EXP

Submission Details

Severity: high

Invalid

No bet value check on `RapBattle::goOnStageOrBattle`, leading to bets with a value of 0.

Description:
- The protocol design allows only one battle at a time. So, a user can call RapBattle::goOnStageOrBattle constantly betting 0 Cred and blocking other users to battle
- Impact:
  - Break the Rap Battle functionality in the RapBattle::goOnStageOrBattle function.
- Proof of Concept:
  
  Add the following code to `OneShotTest.t.sol`
  
  function testPoCGoOnStage() public mintRapper {
  vm.startPrank(user);
  oneShot.approve(address(rapBattle), 0);
  rapBattle.goOnStageOrBattle(0, 0);
  address defender = rapBattle.defender();
  assert(defender == address(user));
  }
- Recommendation:
  
  See the code recommendation below
  
  function goOnStageOrBattle(uint256 _tokenId, uint256 _credBet) external {
  + if(_credBet < 1){
  + revert RapBattle__YouMustPutYourCredInTheLine();
  + }
  if (defender == address(0)) {
  defender = msg.sender;
  defenderBet = _credBet;
  defenderTokenId = _tokenId;
  
  emit OnStage(msg.sender, _tokenId, _credBet);
  
  oneShotNft.transferFrom(msg.sender, address(this), _tokenId);
  credToken.transferFrom(msg.sender, address(this), _credBet);
  } else {
  // credToken.transferFrom(msg.sender, address(this), _credBet);
  _battle(_tokenId, _credBet);
  }
  }

Updates

inallhonesty Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Design choice

nSLOC

201

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

The contest is live. Earn rewards by submitting a finding.

Submissions are being carefully reviewed by our judges.

This is your time to appeal against judgements on your submissions.

Appeals are being carefully reviewed by our judges.

The contest is complete and the rewards are being distributed.

Support

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.