Incorrect Eligibility Check Excludes Valid Players from Rewards
Summary
The ScoreBoard::isEligibleForReward function incorrectly checks for player eligibility, excluding players who have made only one prediction.
Vulnerability Details
The isEligibleForReward function uses the condition:
This check requires players to have made more than one prediction to be eligible for a reward. However, according to the README:
"Players can receive an amount from the prize fund only if their total number of points is a positive number and if they had paid at least one prediction fee."
This discrepancy means players who have made only one prediction are incorrectly excluded from reward eligibility.
Impact
Players who have made a single prediction and paid the corresponding fee are unfairly denied their chance to receive rewards, even if they meet all other criteria (positive point total, etc.).
Tools Used
Manual review
Recommendations
Modify the condition in the isEligibleForReward function to:
This change will correctly include all players who have made at least one prediction, aligning the code with the stated rules in the README.
Lead Judging Commences
The eligibility criteria is wrong
Players with only one prediction cannot withdraw.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.