First Flight #17: Dussehra
First Flight #17
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: low
Valid

Different Timestamps is Used in `Dussehra` and `ChoosingRam` Contracts

4rdiii

[L-2] Different Timestamps is Used in Dussehra and ChoosingRam Contracts

Description:
The protocol exhibits inconsistencies in timestamp usage across different contracts, specifically in the Dussehra and ChoosingRam contracts. These inconsistencies manifest as slight differences in the timestamps used to control access to certain functions, potentially leading to confusion or unintended behavior due to the varying times at which actions become permissible or forbidden.

Dussehra::killRavana:

function killRavana() public RamIsSelected {
@> if (block.timestamp < 1728691069) {
//10/12/2024, 3:27:49 AM
revert Dussehra__MahuratIsNotStart();
}
@> if (block.timestamp > 1728777669) {
//10/13/2024, 3:31:09 AM
revert Dussehra__MahuratIsFinished();
}
IsRavanKilled = true;
uint256 totalAmountByThePeople = WantToBeLikeRam.length * entranceFee;
totalAmountGivenToRam = (totalAmountByThePeople * 50) / 100;
(bool success, ) = organiser.call{value: totalAmountGivenToRam}("");
require(success, "Failed to send money to organiser");
}

ChoosingRam::selectRamIfNotSelected:

function selectRamIfNotSelected() public RamIsNotSelected OnlyOrganiser {
@> if (block.timestamp < 1728691200) {
revert ChoosingRam__TimeToBeLikeRamIsNotFinish();
} //10/12/2024, 3:30:00 AM
@> if (block.timestamp > 1728777600) {
revert ChoosingRam__EventIsFinished();
} //10/13/2024, 3:30:00 AM
.
.
.
}

ChoosingRam::increaseValuesOfParticipants:

function increaseValuesOfParticipants(
uint256 tokenIdOfChallenger,
uint256 tokenIdOfAnyPerticipent
) public RamIsNotSelected {
.
.
.
@> if (block.timestamp > 1728691200) {
//10/12/2024, 3:30:00 AM
revert ChoosingRam__TimeToBeLikeRamFinish();
}

Impact:
These inconsistencies in timestamp usage could lead to unexpected behavior, such as functions becoming accessible or inaccessible at slightly different times than intended. This could affect the protocol's operation, especially if precise timing is crucial for certain actions or events.

Proof of Concept:
The provided code snippets illustrate the differing timestamps used across the Dussehra and ChoosingRam contracts. Specifically, the killRavana function in the Dussehra contract uses timestamps that differ by a few minutes from those used in the ChoosingRam contract's selectRamIfNotSelected and increaseValuesOfParticipants functions.

Tools Used:
Manual review

Recommended Mitigation:
To ensure consistency and avoid potential issues arising from the slight differences in timestamp usage, consider standardizing the timestamps used across all contracts. This involves agreeing on a single set of timestamps for starting and ending events and using these consistently throughout the protocol. Additionally, documenting the chosen timestamps clearly and communicating them effectively to all stakeholders can help prevent misunderstandings or errors related to timing.

Updates

Lead Judging Commences

bube Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Incorrect timestamp

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.