Beanstalk: The Finale

Beanstalk

DeFiHardhatFoundry

250,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Tractor incorrectly checks deadline contrary to specification

T1MOH

Summary

In specification it is described that Blueprint can be executed when:

Any properly signed Blueprint can be executed through Tractor given:

startTime < block.timestamp < endTime;

blueprintNonce[nonce] < maxNonce; and

the advancedFarm function call does not revert (Publishers can encode logic checks that revert under arbitrary conditions)

As you can see step 1 bounds are not inclusive.
However actual implementation allows blueprint to be executed in timestamps startTime and endTime:

modifier runBlueprint(LibTractor.Requisition calldata requisition) {

require(

LibTractor._getBlueprintNonce(requisition.blueprintHash) <

requisition.blueprint.maxNonce,

"TractorFacet: maxNonce reached"

);

require(

@> requisition.blueprint.startTime <= block.timestamp &&

@> block.timestamp <= requisition.blueprint.endTime,

"TractorFacet: blueprint is not active"

);

LibTractor._incrementBlueprintNonce(requisition.blueprintHash);

LibTractor._setPublisher(payable(requisition.blueprint.publisher));

LibTractor._resetPublisher();

}

Impact

It can cause issues to integrators because they don't expect bluePrint to run immediately as startTime comes. For example integrator configures blueprint deadline from block.timestamp and expects that blueprint will be run starting from next block.

Tools Used

Manual Review

Recommendations

Either update specification or update code.

Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

250,000 USDC

nSLOC

12,285

20 USDC / LOC

High Medium

220,000 USDC

Low

10,000 USDC

Judges

20,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.