The incorrect prediction entry cutoff time causes the deadline for players to make their predictions to be much earlier than the actual scheduled cutoff time
Summary
The prediction entry cutoff time in ThePredicter::makePrediction and ScoreBoard::setPrediction was incorrectly specified resulting the deadline for players to finalize their prediction becomes much earlier than expected scheduled time
Vulnerability Details
In functions ThePredicter::makePrediction and ScoreBoard::setPrediction, there was a condition check implemented to determine if prediction valid entry timestamp was over. However, the timestamp implemented was found incorrect, resulting the prediction entry session was closed earlier than the actual intended deadline.
Since prediction cut off is 1 hour before each match start time on daily basis for continuosly 9 matches, on a full day to the next match, it is equal to
1 full day : 24 hours * 60 minutes * 60 seconds ==> 86400 unix timestamp
1 hour : 60 minutes * 60 seconds ==> 3600 unix timestamp
Therefore, the correct prediction cutoff timestamp check should be
START_TIMW + matchNumber * 86400 - 3600
Impact
Players could have miss the time to enter their predictions as the cutoff time was wrongly set and brought forward much earlier than the intended scheduled deadline, potentially cause the players to loss their rewards if their predictions indeed match the final results
Tools Used
Manual review
Recommendations
Amend the timestamp to reflect the actual schedule deadline as below
For ScoreBoard::setPrediction :
For ThePredicter::makePrediction :
Lead Judging Commences
Match timestamps are incorrect
In both contracts there is a similar error in the computation of the timestamps of the matches.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.