Submission Details
Severity: medium
Invalid

Lack of validation checks for burned or transferred NFTs in the ChoosingRam contract may lead to incorrect selection of Ram.

Summary

Lack of validation checks for burned or transferred NFTs in the ChoosingRam contract may lead to incorrect selection of Ram.

Vulnerability Details

The ChoosingRam contract does not validate whether an NFT has been burned or transferred to another owner before executing critical functions. Specifically, ChoosingRam::increaseValuesOfParticipants and ChoosingRam::selectRamIfNotSelected read the `ram` address stored in a token's characteristics without checking that the token still exists or that the stored address is still the token's current owner.

  • No check for burned tokens in ChoosingRam::increaseValuesOfParticipants: the challenger check only compares the `ram` field stored for tokenIdOfChallenger against msg.sender; it never confirms that the token still exists.

    if (ramNFT.getCharacteristics(tokenIdOfChallenger).ram != msg.sender) {
        revert ChoosingRam__CallerIsNotChallenger();
    }

  • No check for current ownership in ChoosingRam::selectRamIfNotSelected: the stored `ram` address is selected without verifying that it is still the current owner of the token.

    selectedRam = ramNFT.getCharacteristics(random).ram;

Impact

  • Incorrect Ram selection: if the drawn token has been burned or transferred, the stored `ram` address no longer corresponds to a current holder, so the contract may select an address that holds no token or a participant who has already exited, undermining the integrity of the selection process.

  • Loss of funds: an invalid Ram selection can disrupt the distribution of funds that depends on it, potentially causing financial losses to participants.

Tools Used

Manual Code Review

Recommendations

Add checks such as

    require(ramNFT.exists(tokenIdOfChallenger), "Token has been burned");

and

    selectedRam = ramNFT.getCharacteristics(random).ram;
    require(ramNFT.ownerOf(random) == selectedRam, "Selected Ram is not the current owner of the token");

Two caveats: `exists` is not part of the ERC721 interface (OpenZeppelin's `_exists` is internal), so the first check requires RamNFT to expose such a getter. ERC721 `ownerOf` reverts for a nonexistent token, so the second check alone already rejects both burned and transferred tokens. Also note that a revert inside selectRamIfNotSelected blocks selection for that draw whenever the drawn token is invalid, so the selection path needs a way to handle an invalid pick rather than only reverting.
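One way to implement both checks in a single helper, as an added example that is not the project's code: the `IRamNFT` interface, the `ChoosingRamGuarded` contract name, the error names other than `ChoosingRam__CallerIsNotChallenger`, and passing `random` as a plain parameter are all assumptions made for the illustration. It assumes only that RamNFT is an ERC721 and that `getCharacteristics` returns a struct with a `ram` field, as the snippets above use it. Because `ownerOf` reverts on a nonexistent token, the helper wraps it in try/catch so a burned token produces a descriptive error instead of a bare revert.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not the project's code. IRamNFT is a hypothetical interface
// assuming RamNFT is ERC721 and that getCharacteristics() returns a struct whose
// `ram` field records the participant's address.
interface IRamNFT {
    struct CharacteristicsOfRam {
        address ram;
        // other traits omitted; only `ram` matters for these checks
    }

    function ownerOf(uint256 tokenId) external view returns (address);
    function getCharacteristics(uint256 tokenId) external view returns (CharacteristicsOfRam memory);
}

contract ChoosingRamGuarded {
    error ChoosingRam__CallerIsNotChallenger();
    // Hypothetical error names added for the example.
    error ChoosingRam__TokenDoesNotExist(uint256 tokenId);
    error ChoosingRam__RamNoLongerOwnsToken(uint256 tokenId, address recorded, address current);

    IRamNFT public immutable ramNFT;
    address public selectedRam;

    constructor(IRamNFT _ramNFT) {
        ramNFT = _ramNFT;
    }

    /// Returns the current owner of `tokenId`, or reverts with an explicit error
    /// if the token has been burned. ERC721.ownerOf reverts for a nonexistent
    /// token, so the catch branch is exactly the "burned" case.
    function _requireExists(uint256 tokenId) internal view returns (address owner) {
        try ramNFT.ownerOf(tokenId) returns (address current) {
            owner = current;
        } catch {
            revert ChoosingRam__TokenDoesNotExist(tokenId);
        }
    }

    /// Checks that the token still exists AND that the address recorded in its
    /// characteristics is still its holder; returns the validated ram address.
    function _validRam(uint256 tokenId) internal view returns (address ram) {
        address current = _requireExists(tokenId);
        ram = ramNFT.getCharacteristics(tokenId).ram;
        if (ram != current) {
            revert ChoosingRam__RamNoLongerOwnsToken(tokenId, ram, current);
        }
    }

    /// Hardened challenger check: the caller must be the recorded ram and must
    /// still hold the token. The other participant's token is validated too.
    function increaseValuesOfParticipants(uint256 tokenIdOfChallenger, uint256 tokenIdOfAnyParticipant) external {
        if (_validRam(tokenIdOfChallenger) != msg.sender) {
            revert ChoosingRam__CallerIsNotChallenger();
        }
        _validRam(tokenIdOfAnyParticipant);
        // ... value updates as in the original contract would follow here
    }

    /// Hardened selection: `random` is taken as a parameter purely to keep the
    /// example self-contained; how the real contract derives it is not shown.
    /// Note this reverts on an invalid draw, which blocks selection for that draw.
    function selectRamIfNotSelected(uint256 random) external {
        selectedRam = _validRam(random);
    }
}
```

A Foundry test for this would mint a token, transfer it away from the recorded ram, and assert that `selectRamIfNotSelected` reverts with `ChoosingRam__RamNoLongerOwnsToken`, then burn a token and assert `ChoosingRam__TokenDoesNotExist`.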

Updates

Lead Judging Commences

bube Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
