Submission Details
Severity:
Timestamps are not correct in `Dussehra::killRavana` and the function can be executed contrary to the requirements
Summary
The timestamps used in the Dussehra::killRavana function are wrong and they do not correspond with the docs: "this function will only work after 12th October 2024 and before 13th October 2024".
Vulnerability Details
The timestamps on Line 68 and Line 71 of Dussehra::killRavana are wrong. They must be changed to the correct ones.
Impact
The users will not be able to execute the function outside of the period after 12th October 2024 and before 13th October 2024. They can still execute it and the funds are not at risk.
Tools Used
Manual review
Recommendations
Change the timestamps to the correct ones. See the code below.
function killRavana() public RamIsSelected {
- if (block.timestamp < 1728691069) {
+ if (block.timestamp < 1728691200) {
revert Dussehra__MahuratIsNotStart();
}
- if (block.timestamp > 1728777669) {
+ if (block.timestamp > 1728777600) {
revert Dussehra__MahuratIsFinished();
}
IsRavanKilled = true;
uint256 totalAmountByThePeople = WantToBeLikeRam.length * entranceFee;
totalAmountGivenToRam = (totalAmountByThePeople * 50) / 100;
(bool success, ) = organiser.call{value: totalAmountGivenToRam}("");
require(success, "Failed to send money to organiser");
}
Rewards breakdown
nSLOC
218This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.