Submission Details
Severity: high
Invalid

An attacker can become the selected Ram without risk with only 2 NFTs.

Description

This protocol is vulnerable to a Sybil attack: only 2 addresses are enough to become the selected Ram.
Only three conditions are checked on the tokens used in increaseValuesOfParticipants:

  • Do the NFTs exist?

  • Is the first one owned by the caller?

  • Has the event finished?

These conditions allow anyone to challenge the same token every time. This means that an attacker with 2 addresses, each holding one NFT, can fight their two NFTs against each other repeatedly until one of them becomes the selected Ram.

@> function increaseValuesOfParticipants(uint256 tokenIdOfChallenger, uint256 tokenIdOfAnyPerticipent)
       public
       RamIsNotSelected
   {
       if (tokenIdOfChallenger > ramNFT.tokenCounter()) {
           revert ChoosingRam__InvalidTokenIdOfChallenger();
       }
       if (tokenIdOfAnyPerticipent > ramNFT.tokenCounter()) {
           revert ChoosingRam__InvalidTokenIdOfPerticipent();
       }
       if (ramNFT.getCharacteristics(tokenIdOfChallenger).ram != msg.sender) {
           revert ChoosingRam__CallerIsNotChallenger();
       }
       if (block.timestamp > 1728691200) {
           revert ChoosingRam__TimeToBeLikeRamFinish();
       }
       ...
   }

Risk

Likelihood: High

  • With just two addresses and two tokens, any attacker can become the selected Ram.

Impact: High

  • The event logic is broken: an attacker can become the winner without taking any risk.

Recommended Mitigation

Add a cooldown timer between fights, and prevent a token from fighting the same opponent token twice.
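The two guards proposed above, as an added example written for this report (not the project's code). The IRamNFT stand-in, the modifier body, the one-hour cooldown value and the two new custom errors are assumptions; the original checks are kept as they appear in the snippet.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Minimal stand-in for the contest's RamNFT (assumed; the real struct has more fields).
interface IRamNFT {
    struct CharacteristicsOfRam { address ram; }
    function tokenCounter() external view returns (uint256);
    function getCharacteristics(uint256 tokenId) external view returns (CharacteristicsOfRam memory);
}

contract ChoosingRamHardened {
    error ChoosingRam__InvalidTokenIdOfChallenger();
    error ChoosingRam__InvalidTokenIdOfPerticipent();
    error ChoosingRam__CallerIsNotChallenger();
    error ChoosingRam__TimeToBeLikeRamFinish();
    error ChoosingRam__FightCooldownActive(); // added for the mitigation (assumed name)
    error ChoosingRam__PairAlreadyFought();   // added for the mitigation (assumed name)

    uint256 public constant FIGHT_COOLDOWN = 1 hours; // assumed value, tune per event
    IRamNFT public immutable ramNFT;
    bool public isRamSelected;
    mapping(uint256 => uint256) public lastFightAt;                // tokenId => last fight timestamp
    mapping(uint256 => mapping(uint256 => bool)) public hasFought; // (lowId, highId) => already fought

    modifier RamIsNotSelected() { require(!isRamSelected, "Ram already selected"); _; }

    constructor(address ramNFTAddress) { ramNFT = IRamNFT(ramNFTAddress); }

    function increaseValuesOfParticipants(uint256 tokenIdOfChallenger, uint256 tokenIdOfAnyPerticipent)
        public
        RamIsNotSelected
    {
        // Original checks, unchanged.
        if (tokenIdOfChallenger > ramNFT.tokenCounter()) revert ChoosingRam__InvalidTokenIdOfChallenger();
        if (tokenIdOfAnyPerticipent > ramNFT.tokenCounter()) revert ChoosingRam__InvalidTokenIdOfPerticipent();
        if (ramNFT.getCharacteristics(tokenIdOfChallenger).ram != msg.sender) revert ChoosingRam__CallerIsNotChallenger();
        if (block.timestamp > 1728691200) revert ChoosingRam__TimeToBeLikeRamFinish();

        // Mitigation 1: a cooldown between consecutive fights of the challenging token.
        if (block.timestamp < lastFightAt[tokenIdOfChallenger] + FIGHT_COOLDOWN) revert ChoosingRam__FightCooldownActive();

        // Mitigation 2: each unordered pair of tokens may fight only once, whichever side challenges.
        (uint256 low, uint256 high) = (tokenIdOfChallenger, tokenIdOfAnyPerticipent);
        if (low > high) (low, high) = (high, low);
        if (hasFought[low][high]) revert ChoosingRam__PairAlreadyFought();
        hasFought[low][high] = true;
        lastFightAt[tokenIdOfChallenger] = block.timestamp;

        // ... the original fight / value-increase logic continues here unchanged.
    }
}
```

Two colluding addresses can now fight each other only once per token pair, and the cooldown stops a single token from being replayed in rapid succession against a set of fresh opponents.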

Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
