First Flight #20: The Predicter

First Flight #20

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

Re-registration may allows same address to occupy multiple slots in `players` array

cass

Description:

The current checks present in ThePredicter.sol::register() don't confirm whether the registering address is already a player, allowing a user to bypass the ThePredicter__CannotParticipateTwice(); rule. When an already approved player re-uses their address in an attempt to re-register, if approved, the same address occupies more than one slot in the players array.

Impact:

If the organizer approves an address that is already in the players array but has re-registered, it is possible for the user to take up more than one participation slot denying entry to other valid users looking to participate.

Tooling:

This issue was noted as part of manual code review.

Proof of Concept:

Insert the following function into ThePredicter.test.sol file and run the command forge test --match-path test/ThePredicter.test.sol --mt test_reregister -vvv to demo the same address being entered twice into the players array.

function test_reregister() public {

uint256 entranceFee = 0.04 ether;

uint256 predictionFee = 0.0001 ether;

address user = makeAddr("user");

// User registers

vm.deal(user, 1 ether);

vm.prank(user);

thePredicter.register{value: entranceFee}();

// Orgainzer approves user

vm.prank(organizer);

thePredicter.approvePlayer(user);

// User registers

vm.prank(user);

thePredicter.register{value: entranceFee}();

// Orgainzer approves user

vm.prank(organizer);

thePredicter.approvePlayer(user);

for(uint256 i = 0 ; i < 2; ++i){

console.log("Player at index ", i, ": ", thePredicter.players(i));

}

Remediation:

It is recommended to add another check to ThePredicter.sol::register() to confirm a users address isn't already present in the players array before being added in.

Updates

Lead Judging Commences

NightHawK Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Rewards breakdown

nSLOC

191

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.