Incorrect timestamp used for event start and end in `Dussehra::killRavana` which deviates from the timestamp mentioned in docs
Summary
Incorrect timestamps are used in killRavana to ensure that the time at which it is called is of Dussehra event. The documentation mentions that the Dussehra event starts from 12th Oct and will finish before 13th Oct, but the timestamps that are used for check in killRavana function are different.
Vulnerability Details
The vulnerability is present in the
killRavanafunction where it uses incorrect timestamps for checking the timestamp is between the start and end timestamp of Dussehra.But the timestamp used in the function is different from the one which is mentioned in the documentation as a result of which the user can call the function in different time which deviates from the documentation.
The docs mentions that the killRavana will be available after 12th October 2024 and before 13th October 2024.
The actual timestamp that corresponds to 12th October 2024 is 1728691200 and to 13th October is 1728777600 but different timestamps are used.
Impact
killRavana can be called outside of the time mentioned in the docs.
Tools Used
Manual Review
Recommendations
Correct the timestamps according to the docs:
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.