The ThePredicter::withdraw function fails to handle scenarios where the maximum score (maxScore) is zero, leading to a division by zero error and preventing reward distribution.
In the withdraw function, consider the case where score is 0 or negative and maxScore is 0. This scenario bypasses the initial revert check if (maxScore > 0 && score <= 0). The reward calculation then uses a ternary operator:
With maxScore being 0, it chooses the second option, leading to:
However, totalShares will also be 0, causing a division by zero error and the function to revert.
This vulnerability prevents any rewards from being distributed when all players have non-positive scores. It effectively locks the funds in the contract under these circumstances, as the withdraw function will always revert.
Manual review
The checks related to maxScore do not account for a possible maxScore of zero, which leads to stuck funds or a division by zero error.
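The path described above, next to one guarded variant, as an added sketch that is not the ThePredicter source. Only the guard `maxScore > 0 && score <= 0` is quoted from this finding; the contract name, the ternary condition, the numerator and the refund policy for an all-non-positive scoreboard are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration of the finding's arithmetic. Hypothetical contract;
/// everything except the quoted guard is an assumption.
contract RewardMathSketch {
    error NotEligibleForWithdraw();

    /// Behaviour the finding describes: with maxScore == 0 the guard does
    /// not fire, the dividing branch is selected, and totalShares == 0
    /// makes the division revert with Panic(0x12).
    function rewardAsDescribed(
        int8 score,
        int8 maxScore,
        uint256 totalShares,
        uint256 playerCount,
        uint256 entranceFee
    ) external pure returns (uint256) {
        // Guard quoted in the finding: skipped whenever maxScore is 0.
        if (maxScore > 0 && score <= 0) revert NotEligibleForWithdraw();

        uint256 shares = score > 0 ? uint256(uint8(score)) : 0;

        // Assumed shape of the ternary: a flat payout in the first option,
        // a pro-rata share in the second.
        return maxScore < 0
            ? entranceFee
            : (shares * playerCount * entranceFee) / totalShares;
    }

    /// Guarded variant: branch on the divisor itself, so maxScore == 0
    /// and maxScore < 0 are handled by the same non-dividing path.
    function rewardGuarded(
        int8 score,
        uint256 totalShares,
        uint256 playerCount,
        uint256 entranceFee
    ) external pure returns (uint256) {
        // No positive scores at all: return the stake (assumed policy).
        if (totalShares == 0) return entranceFee;

        // Some player scored above zero, so non-positive scores earn nothing.
        if (score <= 0) revert NotEligibleForWithdraw();

        return (uint256(uint8(score)) * playerCount * entranceFee) / totalShares;
    }
}
```

Calling `rewardAsDescribed(0, 0, 0, 3, 1 ether)` reverts on the division, while `rewardGuarded(0, 0, 3, 1 ether)` returns the entrance fee.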