Beginner FriendlyFoundryNFT
100 EXP
View results
Submission Details
Severity: low
Invalid

The function `Dussehra::enterPeopleWhoLikeRam` doesn't have an expiry date, enabling participants to enter the event even after its conclusion.

Summary

The function Dussehra::enterPeopleWhoLikeRam doesn't have an expiry date, enabling participants to enter the event even after its conclusion.

Vulnerability Details

The vulnerability arises from the absence of time-based restrictions in the enterPeopleWhoLikeRam function of the Dussehra contract. This oversight allows users to continue joining the "Be Like Ram" event regardless of whether the participation period has ended. The lack of expiry date validation means that the contract does not enforce constraints on when participants can enter the event, potentially leading to possible loss of funds.

Impact

This vulnerability undermines the fairness and integrity of the event, potentially leading to a loss of trust among participants.

Tools Used

Manual code review

Recommendations

mplement Time-Based Restrictions: Introduce checks within the enterPeopleWhoLikeRam function to verify that participants can only enter the event during the designated period. By enforcing time-based restrictions, the contract can ensure that participation is limited to the intended duration, maintaining

Updates

Lead Judging Commences

bube Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Invalid - enter people after event or after Ram is selected

It is the user's responsibility to check the date of the event.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.