First Flight #20: The Predicter

First Flight #20

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Incorrect Deadline Check

kapten

Finding 1: [HIGH] Incorrect Deadline Check for Prediction Functions

Summary:
The deadline check for the functions ScoreBoard:setPrediction and ThePredicter:makePrediction is implemented incorrectly.

Vulnerability Details:
The contracts allow players to make predictions until 19:00:00 UTC on the day of the match. However, the implemented check is:

if (block.timestamp > START_TIME + matchNumber * 68400 - 68400) {

revert ThePredicter__PredictionsAreClosed();

}

This translates to block.timestamp > AUG 15 20:00:00 + (MATCH_NUMBER * 19:00:00) - 19:00:00, which incorrectly blocks predictions before 19:00:00.

Proof of Concept:
A test was conducted to demonstrate the issue:

function test_wrongPredictionDeadlineCheck() public {

vm.startPrank(stranger);

vm.warp(1);

vm.deal(stranger, 1 ether);

thePredicter.register{value: 0.04 ether}();

vm.stopPrank();

vm.startPrank(organizer);

vm.warp(2);

thePredicter.approvePlayer(stranger);

vm.stopPrank();

uint256 AUG15_180000 = 1723744800; // August 15, 2024 18:00:00

vm.warp(AUG15_180000);

vm.expectRevert(

abi.encodeWithSelector(ThePredicter__PredictionsAreClosed.selector)

);

vm.startPrank(stranger);

thePredicter.makePrediction{value: 0.0001 ether}(

ScoreBoard.Result.Draw

);

vm.stopPrank();

}

Impact:
High

Tools Used:

Manual review
Foundry

Recommendations:

Replace the incorrect time check with the following logic:

current_time <= AUG15 20:00:00 + (matchNumber * 86400) - 3600 // 86400 -> 1 day && 3600 -> 1 hr

Update the following lines:

Add at ThePredicter: line 95:

+ if (current_time <= START_TIME + (matchNumber * 86400) - 3600)
Add at ScoreBoard: line 73:

+ if (current_time <= START_TIME + (matchNumber * 86400) - 3600)

Remove the existing checks:

Remove ThePredicter: line 95:

- if (block.timestamp > START_TIME + matchNumber * 68400 - 68400)
Remove ScoreBoard: line 73:

- if (block.timestamp > START_TIME + matchNumber * 68400 - 68400)

Updates

Lead Judging Commences

NightHawK Lead Judge about 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

Match timestamps are incorrect

In both contracts there is a similar error in the computation of the timestamps of the matches.

Rewards breakdown

nSLOC

191

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.