Severity: medium
Valid

In `MartenitsaEvent::joinEvent`, previous participants cannot join any future event because `MartenitsaEvent::joinEvent` always reverts for them.

Description: This contract manages an event that users can join if they meet certain criteria. During the event, participants become producers, which means they can create and sell MartenitsaTokens. Users who are already producers cannot participate in the event. `MartenitsaEvent::joinEvent` lets a user join if they have a sufficient HealthToken balance, but `_participants[msg.sender]` stays `true` for anyone who joined an earlier event, because `MartenitsaEvent` never resets the old users in `_participants` (`stopEvent` only clears `isProducer`). As a result, previous participants cannot join future events even if they have a sufficient HealthToken balance.

```solidity
function joinEvent() external {
    require(block.timestamp < eventEndTime, "Event has ended");
    // Still true for anyone who joined an earlier event, so this reverts for them
    require(!_participants[msg.sender], "You have already joined the event");
    require(!isProducer[msg.sender], "Producers are not allowed to participate");
    require(_healthToken.balanceOf(msg.sender) >= healthTokenRequirement, "Insufficient HealthToken balance");
    _participants[msg.sender] = true;
    participants.push(msg.sender);
    emit ParticipantJoined(msg.sender);
    (bool success) = _healthToken.transferFrom(msg.sender, address(this), healthTokenRequirement);
    require(success, "The transfer is not successful");
    _addProducer(msg.sender);
}

function stopEvent() external onlyOwner {
    require(block.timestamp >= eventEndTime, "Event is not ended");
    // Only the producer flag is reset here; _participants is left untouched
    for (uint256 i = 0; i < participants.length; i++) {
        isProducer[participants[i]] = false;
    }
}
```

Impact: Users who joined a previous event cannot participate in any future event through `MartenitsaEvent::joinEvent`. Because of this, the contract becomes useless.

Proof Of Concept: Paste this test into your test folder and run it.

```solidity
function test_sameParcticipantCannotJoinNextEvent() public {
    // First event: chasy gives bob three martenitsas so bob can collect a HealthToken reward
    vm.startPrank(chasy);
    martenitsaToken.createMartenitsa("bracelet");
    martenitsaToken.createMartenitsa("bracelet");
    martenitsaToken.createMartenitsa("bracelet");
    marketplace.listMartenitsaForSale(0, 1 wei);
    marketplace.listMartenitsaForSale(1, 1 wei);
    marketplace.listMartenitsaForSale(2, 1 wei);
    martenitsaToken.approve(address(marketplace), 0);
    martenitsaToken.approve(address(marketplace), 1);
    martenitsaToken.approve(address(marketplace), 2);
    marketplace.makePresent(bob, 0);
    marketplace.makePresent(bob, 1);
    marketplace.makePresent(bob, 2);
    vm.stopPrank();

    martenitsaEvent.startEvent(1 days);

    vm.startPrank(bob);
    marketplace.collectReward();
    healthToken.approve(address(martenitsaEvent), 10 ** 18);
    martenitsaEvent.joinEvent();
    vm.warp(block.timestamp + 1 days + 1);
    vm.stopPrank();

    martenitsaEvent.stopEvent();

    // Start the next event
    address ooggy = makeAddr("ooggy");
    vm.startPrank(jack);
    martenitsaToken.createMartenitsa("bracelet");
    martenitsaToken.createMartenitsa("bracelet");
    martenitsaToken.createMartenitsa("bracelet");
    marketplace.listMartenitsaForSale(3, 1 wei);
    marketplace.listMartenitsaForSale(4, 1 wei);
    marketplace.listMartenitsaForSale(5, 1 wei);
    martenitsaToken.approve(address(marketplace), 3);
    martenitsaToken.approve(address(marketplace), 4);
    martenitsaToken.approve(address(marketplace), 5);
    // To try with the ooggy account, uncomment these three lines
    // marketplace.makePresent(ooggy, 3);
    // marketplace.makePresent(ooggy, 4);
    // marketplace.makePresent(ooggy, 5);
    // Bob already participated in the previous event;
    // use Bob's account only if you want to see the revert
    marketplace.makePresent(bob, 3);
    marketplace.makePresent(bob, 4);
    marketplace.makePresent(bob, 5);
    vm.stopPrank();

    // Previous participants cannot join this event because of the contract logic:
    // if Bob wants to join a future event again, he can't,
    // but ooggy can join because he never joined a previous event
    martenitsaEvent.startEvent(1 days);

    // To try with the ooggy account, uncomment the next line
    // vm.startPrank(ooggy);
    // To try with the ooggy account, comment out the next line
    vm.startPrank(bob);
    marketplace.collectReward();
    healthToken.approve(address(martenitsaEvent), 10 ** 18);
    // To try with the ooggy account, comment out the next line
    vm.expectRevert("You have already joined the event");
    martenitsaEvent.joinEvent();
    vm.warp(block.timestamp + 1 days + 1);
    vm.stopPrank();

    martenitsaEvent.stopEvent();
}
```

Recommendation: Delete all participants from `_participants` so that the same users can participate in future events.
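One way to apply this recommendation, shown as an added example that is not the project's own code. The contract name `EventParticipationSketch`, its simplified `startEvent`, the `owner` handling and the `hasJoined` helper are assumptions for illustration, and the HealthToken transfer and producer logic are left out so that only the participation bookkeeping remains.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration: a stripped-down stand-in for MartenitsaEvent.
// Only the participation bookkeeping is kept; token and producer logic are omitted.
contract EventParticipationSketch {
    address public immutable owner = msg.sender; // deployer, assumed to be the organiser
    uint256 public eventEndTime;

    mapping(address => bool) private _participants;
    address[] public participants;

    modifier onlyOwner() {
        require(msg.sender == owner, "Not owner");
        _;
    }

    // Simplified: the real contract's startEvent may perform additional checks.
    function startEvent(uint256 duration) external onlyOwner {
        eventEndTime = block.timestamp + duration;
    }

    function joinEvent() external {
        require(block.timestamp < eventEndTime, "Event has ended");
        require(!_participants[msg.sender], "You have already joined the event");
        _participants[msg.sender] = true;
        participants.push(msg.sender);
    }

    function stopEvent() external onlyOwner {
        require(block.timestamp >= eventEndTime, "Event is not ended");
        for (uint256 i = 0; i < participants.length; i++) {
            // Clear the per-address flag that joinEvent checks.
            _participants[participants[i]] = false;
        }
        // Empty the list so the next stopEvent does not walk old participants again.
        delete participants;
    }

    // Hypothetical view helper so a test can observe the reset.
    function hasJoined(address user) external view returns (bool) {
        return _participants[user];
    }
}
```

In the real contract the same two changes fit inside the existing `stopEvent` loop, next to the `isProducer` reset, so the proof-of-concept test above would no longer see the "You have already joined the event" revert for Bob.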

Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

_participants is not updated
