First Flight #20: The Predicter

First Flight #20

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: high

Valid

Missing Player.Status check makes anyone can make prediction

decap

Summary

Missing Player.Status check makes anyone can make prediction

Vulnerability Details

Function ThePredicter::makePrediction lacks of Player.Status check so anyone can make predictions even without registration

Proof of concept

Copy this tests to ThePredicter.test.sol

function test_anyoneCanMakePrediction() public{

vm.deal(stranger, 1 ether);

vm.startPrank(stranger);

vm.expectRevert();

thePredicter.makePrediction{value: 0.0001 ether}(

ScoreBoard.Result.Draw

);

vm.stopPrank();

}

function test_cancelledPlayerCanMakePrediction() public{

vm.deal(stranger, 1 ether);

vm.startPrank(stranger);

thePredicter.register{value: thePredicter.entranceFee()}();

thePredicter.cancelRegistration();

vm.expectRevert();

thePredicter.makePrediction{value: 0.0001 ether}(

ScoreBoard.Result.Draw

);

vm.stopPrank();

}

and run commands

forge test --mt test_anyoneCanMakePrediction -vvv

forge test --mt test_cancelledPlayerCanMakePrediction -vvv

Both tests will fail reverting. It means that player that didn't even register or cancelled registration can still make predictions

Impact

High, contract does not work as expected

Tools Used

Manual review

Recommendations

Add PlayerStatus check to ThePredicter::makePrediction

error ThePredicter__IncorrectEntranceFee();

error ThePredicter__RegistrationIsOver();

error ThePredicter__IncorrectPredictionFee();

error ThePredicter__AllPlacesAreTaken();

error ThePredicter__CannotParticipateTwice();

error ThePredicter__NotEligibleForWithdraw();

error ThePredicter__PredictionsAreClosed();

error ThePredicter__UnauthorizedAccess();

+ error ThePredicter__PlayerNotApproved();

function makePrediction(

uint256 matchNumber,

ScoreBoard.Result prediction

) public payable {

if (msg.value != predictionFee) {

revert ThePredicter__IncorrectPredictionFee();

}

+ if(playersStatus[msg.sender] != Status.Approved){

+ revert ThePredicter__PlayerNotApproved();

+ }

if (block.timestamp > START_TIME + matchNumber * 68400 - 68400) {

revert ThePredicter__PredictionsAreClosed();

}

scoreBoard.confirmPredictionPayment(msg.sender, matchNumber);

scoreBoard.setPrediction(msg.sender, matchNumber, prediction);

}

Updates

Lead Judging Commences

NightHawK Lead Judge about 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

makePrediction lacks access control

makePrediction has no access controls and any unapproved user can make predictions causing an incorrect calculation and distribution of rewards.

Rewards breakdown

nSLOC

191

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.