Submission Details
Severity:
Player must attend two times along with positive scores can get the profit, which doesn't fit the doc desgin.
Summary
As the doc said as below, but the code is the player must attend two times.
Players can receive an amount from the prize fund only if their total number of points is a positive number and if they had paid at least one prediction fee.
Vulnerability Details
function isEligibleForReward(address player) public view returns (bool) {
return
results[NUM_MATCHES - 1] != Result.Pending &&
playersPredictions[player].predictionsCount > 1;// there should change 1 as 0
}
Impact
Doesn't fit the doc desgin
Tools Used
maual
Recommendations
function isEligibleForReward(address player) public view returns (bool) {
return
results[NUM_MATCHES - 1] != Result.Pending &&
playersPredictions[player].predictionsCount > 0;
}
Updates
Lead Judging Commences
NightHawK about 1 year ago
Submission Judgement Published Assigned finding tags:
The eligibility criteria is wrong
Players with only one prediction cannot withdraw.
Rewards breakdown
nSLOC
191This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.