Once the raffle ends, the oracle calls fulfillRandomWords, a winner is selected, and the fees collected during the raffle are sent to the winner in the same call. Because all raffle state is reset inside fulfillRandomWords, a revert of that function leaves the raffle unable to proceed: the state is never reset and no new raffle can start. The problem arises when the winner is a smart contract that reverts on receiving ether, either intentionally or because its receive path consumes more gas than the callback has available. The ether transfer fails, fulfillRandomWords reverts as a whole, and the raffle is blocked forever, which amounts to a denial of service (DoS).
Likelihood: Medium
The winner is a contract whose receive path reverts or uses too much gas.
An attacker can enter with a contract that reverts on receipt whenever they choose, then demand a ransom in exchange for not bricking the raffle.
Impact: High
Denial of service of all future raffles, with no possibility of recovery.
Recommendation: Keep track of each winner's balance in storage and add a withdrawal function so winners pull their prize themselves, rather than pushing ether to the winner from inside fulfillRandomWords. With this pull-payment pattern the callback only writes storage, so a reverting or gas-hungry recipient can no longer break the callback; a failed withdrawal affects only the caller.
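The following is an added example, not the audited project's code, showing the vulnerable push pattern next to the pull-payment fix. Contract and function names (PushRaffle, PullRaffle, RevertingWinner, enter, withdrawPrize) are illustrative, the fulfillRandomWords signature is simplified to a single uint256 and left without oracle access control, and the attacker contract is constructed here to show the failure mode.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative example only; not the audited project's code.

interface IRaffle {
    function enter() external payable;
}

/// Attacker-controlled entrant: refuses plain ether transfers.
/// A receive() that loops until out of gas would have the same effect.
contract RevertingWinner {
    function join(IRaffle raffle) external payable {
        raffle.enter{value: msg.value}();
    }

    receive() external payable {
        revert("no thanks");
    }
}

/// Vulnerable (push) pattern: pays the winner inside the VRF callback.
contract PushRaffle is IRaffle {
    address[] public players;
    uint256 public prizePool;

    function enter() external payable override {
        players.push(msg.sender);
        prizePool += msg.value;
    }

    // Simplified callback; a real one takes (requestId, randomWords) (assumption).
    function fulfillRandomWords(uint256 randomWord) external {
        require(players.length > 0, "no players");
        address winner = players[randomWord % players.length];
        uint256 amount = prizePool;
        // State reset happens here...
        delete players;
        prizePool = 0;
        // ...but if the recipient reverts (or burns the callback's gas), the
        // whole callback reverts, the reset never commits, and the raffle is stuck.
        (bool ok, ) = winner.call{value: amount}("");
        require(ok, "transfer failed");
    }
}

/// Hardened (pull) pattern: record the prize, let the winner withdraw later.
contract PullRaffle is IRaffle {
    address[] public players;
    uint256 public prizePool;
    mapping(address => uint256) public pendingWithdrawals;

    event WinnerSelected(address indexed winner, uint256 amount);
    event PrizeWithdrawn(address indexed winner, uint256 amount);

    function enter() external payable override {
        players.push(msg.sender);
        prizePool += msg.value;
    }

    function fulfillRandomWords(uint256 randomWord) external {
        require(players.length > 0, "no players");
        address winner = players[randomWord % players.length];
        uint256 amount = prizePool;
        delete players;
        prizePool = 0;
        // Only storage is written: no external call, nothing a winner can revert.
        pendingWithdrawals[winner] += amount;
        emit WinnerSelected(winner, amount);
    }

    /// Anyone with a recorded balance pulls it. A revert here hurts only the caller.
    function withdrawPrize() external {
        uint256 amount = pendingWithdrawals[msg.sender];
        require(amount > 0, "nothing to withdraw");
        pendingWithdrawals[msg.sender] = 0; // zero before sending: reentrancy-safe
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "withdraw failed");
        emit PrizeWithdrawn(msg.sender, amount);
    }
}
```

With PushRaffle, a RevertingWinner that is drawn makes every fulfillRandomWords call revert, so the round can never be closed. With PullRaffle the same entrant is credited in pendingWithdrawals, the round closes, and the attacker is the only party who cannot collect. Zeroing the balance before the external call keeps withdrawPrize safe against reentrancy from a malicious receiver.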