Submission Details
Severity:
Ram cannot be selected other than by the organiser
Summary
Ram cannot be selected other than by the organiser
Vulnerability Details
function testRamCannotBeSelectedOtherThanByTheOrganiser() public participants {
vm.startPrank(player1);
assertEq(ramNFT.getCharacteristics(0).ram, player1);
while (!ramNFT.getCharacteristics(0).isSatyavaakyah) {
choosingRam.increaseValuesOfParticipants(0, 0);
}
assert(ramNFT.getCharacteristics(0).ram == player1);
assert(ramNFT.getCharacteristics(0).isJitaKrodhah == true);
assert(ramNFT.getCharacteristics(0).isDhyutimaan == true);
assert(ramNFT.getCharacteristics(0).isVidvaan == true);
assert(ramNFT.getCharacteristics(0).isAatmavan == true);
assert(ramNFT.getCharacteristics(0).isSatyavaakyah == true);
assert(choosingRam.isRamSelected() == false);
}
Impact
User has no incentive increasing their Ram:
Users increasing their Ram have no impact on whether they become selected or not
Organiser selects Ram randomly
Tools Used
Manual Review, Foundry
Recommendations
Set isRamSelected to true in the function increaseValuesOfParticipants when ramNFT.isSatyavaakyah is set to true at the end of if else clause.
Updates
Lead Judging Commences
bube over 1 year ago
Submission Judgement Published Assigned finding tags:
`isRamSelected` is not set
Rewards breakdown
nSLOC
218This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.