Beginner Friendly / Foundry / NFT
Submission Details
Severity: low
Invalid

Potential Loss of Funds Due to Unselected Ram or Unkilled Ravana

Summary

Potential Loss of Funds Due to Unselected Ram Or unkilled Ravana

Vulnerability Details

In the ChoosingRam contract there is a vulnerability that can result in funds being permanently locked inside the Dussehra contract. The issue arises if no Ram is selected by the organizer or by any participant before the specified timestamp, or if Ravana is not killed before the specified timestamp. Either situation can come about in several ways, for example:

  • Miner Manipulation: A miner (block producer) can deliberately withhold the Ram-selection transaction until block.timestamp > 1728777600, delaying the selection until it is too late and thereby preventing the Dussehra::killRavana function from ever being executed.

  • Participant Inaction: If the participants, including the organizer, fail to execute the Dussehra::killRavana function before the deadline (block.timestamp > 1728777669), the funds remain locked in the contract: the function cannot be called after that timestamp, and it cannot be called at all without a selected Ram.

Impact

  • Permanent Locking of Funds: The inability to select a Ram or execute the Dussehra::killRavana function within the designated time frame results in the permanent locking of funds within the contract.

  • Loss of Rewards: The selected Ram, who is supposed to receive the reward from the Dussehra contract, will be unable to access these funds, resulting in financial loss.

  • Decrease in Trust: Such a failure undermines the trust and confidence of participants in the event, and leaves Ravana unkilled.

Tools Used

Manual Code Review

Recommendations

We have two cases:

  • If no Ram is selected, Ravana cannot be killed and the funds are blocked, so an emergency refund should be allowed.

  • If a Ram is selected but Ravana was not killed before the deadline, the funds are blocked, so an emergency refund should be allowed.

Add a state variable to track the amount contributed by each participant:

    mapping(address => uint256) public contributions;

Update the entry function to record each participant's contribution:

    function enterPeopleWhoLikeRam() public payable {
        if (msg.value != entranceFee) {
            revert Dussehra__NotEqualToEntranceFee();
        }
        if (peopleLikeRam[msg.sender] == true) {
            revert Dussehra__AlreadyPresent();
        }
        peopleLikeRam[msg.sender] = true;
        WantToBeLikeRam.push(msg.sender);
        contributions[msg.sender] = msg.value; // added: record what this participant paid in
        ramNFT.mintRamNFT(msg.sender);
        emit PeopleWhoLikeRamIsEntered(msg.sender);
    }

Create an emergencyRefund function that lets participants withdraw their contributions once the deadline has passed without Ravana being killed:

    function emergencyRefund() public {
        // Only after the killRavana deadline, and only if Ravana was never killed
        require(block.timestamp > 1728777669, "Emergency refund can only be enabled after the deadline");
        require(!ravanaKilled, "Ravana has already been killed, no refunds allowed");
        // emergencyRefundEnabled is assumed to be a bool state variable; its declaration and setter are not shown here
        require(emergencyRefundEnabled, "Emergency refund is not enabled");
        uint256 amount = contributions[msg.sender];
        require(amount > 0, "No contributions to refund");
        // Zero the balance before the external call (checks-effects-interactions),
        // so a re-entrant call cannot withdraw the same contribution twice
        contributions[msg.sender] = 0;
        (bool success, ) = msg.sender.call{value: amount}("");
        require(success, "Refund failed");
    }
Updates

Lead Judging Commences

bube Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Invalid - `selectRamIfNotSelected` is not called

The organizer is trusted and he/she will call the `selectRamIfNotSelected`.

Invalid - `killRavana` is not called

The organizer is trusted and he/she will call the `killRavana` function.
