First Flight #11: Snek-Raffle

First Flight #11

Beginner FriendlyFoundryNFT

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

`assert` in `request_raffle_winner` prevent user from understanding why the function reverts

n0kto

Description

To end, Snek Raffle needs to last at least 1 day, have one player, be open, and have a balance. However, the same error is returned for any of these conditions, preventing a user from understanding why the function reverts.

def request_raffle_winner() -> uint256:

"""Request a random winner from the VRF Coordinator after a raffle has completed."""

is_open: bool = RaffleState.OPEN == self.raffle_state

time_passed: bool = (block.timestamp - self.last_timestamp) > RAFFLE_DURATION

has_players: bool = len(self.players) > 0

has_balance: bool = self.balance > 0

@> assert is_open and time_passed and has_players and has_balance, ERROR_NOT_ENDED

self.raffle_state = RaffleState.CALCULATING

request_id: uint256 = VRF_COORDINATOR.requestRandomWords(

# c gas lane dans chainlink permet de definir du premium

GAS_LANE,

SUBSCRIPTION_ID,

REQUEST_CONFIRMATIONS,

CALLBACK_GAS_LIMIT,

NUM_WORDS

)

return ERC721._total_supply()

Risk

Likelyhood: Low

Occurs every time someone calls the function and all conditions are not satisfied.

Impact: Low

Impossible for a user to know why the function reverts.

Recommended Mitigation

Create separate error messages for each condition to provide more clarity to the user and add them in the function like below.

def request_raffle_winner() -> uint256:

"""Request a random winner from the VRF Coordinator after a raffle has completed."""

is_open: bool = RaffleState.OPEN == self.raffle_state

time_passed: bool = (block.timestamp - self.last_timestamp) > RAFFLE_DURATION

has_players: bool = len(self.players) > 0

has_balance: bool = self.balance > 0

- assert is_open and time_passed and has_players and has_balance, ERROR_NOT_ENDED

+ assert is_open, ERROR_NOT_OPEN

+ assert time_passed, ERROR_NOT_ENDED

+ assert has_players, ERROR_NO_PLAYER

+ assert has_balance, ERROR_NO_BALANCE

self.raffle_state = RaffleState.CALCULATING

request_id: uint256 = VRF_COORDINATOR.requestRandomWords(

# c gas lane dans chainlink permet de definir du premium

GAS_LANE,

SUBSCRIPTION_ID,

REQUEST_CONFIRMATIONS,

CALLBACK_GAS_LIMIT,

NUM_WORDS

)

return ERC721._total_supply()

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Rewards breakdown

nSLOC

136

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.