Incorrect Reset of `predictionCount` in `setPrediction` Function Leads to Inaccurate Tracking
Summary
The setPrediction function in the ScoreBoard contract incorrectly resets the predictionsCount to 0 every time it is called, which adversely affects the accuracy of the prediction count for players.
Vulnerability Details
The setPrediction function resets the predictionsCount for a player to 0 at the start of the function. This approach can lead to inaccuracies in the prediction count because it does not account for the previously set predictions correctly. Instead, the function should only update the count based on the current predictions and their payment status.
The issue can be found at:
https://github.com/Cyfrin/2024-07-the-predicter/blob/main/src/ScoreBoard.sol#L68
The line playersPredictions[player].predictionsCount = 0; sets the prediction count to 0 before calculating the new count. This causes the function to always reset the count, leading to inaccurate tracking of the number of predictions made by a player.
Impact
Incorrectly resetting the predictionsCount affects the accuracy of tracking the number of predictions a player has made. This can impact reward calculations and other game mechanics dependent on the predictionCount.
Tools Used
Manual Review
Recommendations
As demonstrated, removing the problematic line allows the function to accurately reflect the number of valid predictions.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.