First Flight #17: Dussehra
First Flight #17
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

`ChoosingRam::increaseValuesOfParticipants(uint256,uint256)` (src/ChoosingRam.sol#33-81) uses a dangerous strict equality

DuncanDuMond

Summary

Use of strict equalities that can be easily manipulated by an attacker.

Vulnerability Details

- if (random == 0) {
+ if (random = 0) {

Impact

Attacker can manipulate contract resulting in lost user funds

Tools Used

Slither

Recommendations

Don't use strict equality to determine if an account has enough Ether or tokens.

Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Info/Gas/Invalid according to docs

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.