First Flight #20: The Predicter
First Flight #20
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

Low Issues

x0rc1ph3r

Low Issues

L-1: Centralization Risk for trusted owners

Contracts have owners with privileged rights to perform admin tasks and need to be trusted to not perform malicious updates or drain funds.

2 Found Instances

  • Found in src/ScoreBoard.sol Line: 46

    function setThePredicter(address _thePredicter) public onlyOwner {

  • Found in src/ScoreBoard.sol Line: 50

    function setResult(uint256 matchNumber, Result result) public onlyOwner {

L-2: Missing checks for address(0) when assigning values to address state variables

Check for address(0) when assigning values to address state variables.

2 Found Instances

  • Found in src/ScoreBoard.sol Line: 47

    thePredicter = _thePredicter;

  • Found in src/ThePredicter.sol Line: 41

    scoreBoard = ScoreBoard(_scoreBoard);

L-3: public functions not used internally could be marked external

Instead of marking a function as public, consider marking it as external if it is not used internally.

13 Found Instances

  • Found in src/ScoreBoard.sol Line: 46

    function setThePredicter(address _thePredicter) public onlyOwner {

  • Found in src/ScoreBoard.sol Line: 50

    function setResult(uint256 matchNumber, Result result) public onlyOwner {

  • Found in src/ScoreBoard.sol Line: 54

    function confirmPredictionPayment(

  • Found in src/ScoreBoard.sol Line: 61

    function setPrediction(

  • Found in src/ScoreBoard.sol Line: 77

    function clearPredictionsCount(address player) public onlyThePredicter {

  • Found in src/ScoreBoard.sol Line: 81

    function getPlayerScore(address player) public view returns (int8 score) {

  • Found in src/ScoreBoard.sol Line: 94

    function isEligibleForReward(address player) public view returns (bool) {

  • Found in src/ThePredicter.sol Line: 46

    function register() public payable {

  • Found in src/ThePredicter.sol Line: 62

    function cancelRegistration() public {

  • Found in src/ThePredicter.sol Line: 72

    function approvePlayer(address player) public {

  • Found in src/ThePredicter.sol Line: 85

    function makePrediction(

  • Found in src/ThePredicter.sol Line: 101

    function withdrawPredictionFees() public {

  • Found in src/ThePredicter.sol Line: 111

    function withdraw() public {

L-4: Define and use constant variables instead of using literals

If the same constant literal value is used multiple times, create a constant state variable and reference it throughout the contract.

4 Found Instances

  • Found in src/ScoreBoard.sol Line: 66

    if (block.timestamp <= START_TIME + matchNumber * 68400 - 68400)

  • Found in src/ThePredicter.sol Line: 93

    if (block.timestamp > START_TIME + matchNumber * 68400 - 68400) {

L-5: PUSH0 is not supported by all chains

Solc compiler version 0.8.20 switches the default target EVM version to Shanghai, which means that the generated bytecode will include PUSH0 opcodes. Be sure to select the appropriate EVM version in case you intend to deploy on a chain other than mainnet like L2 chains that may not support PUSH0, otherwise deployment of your contracts will fail.

2 Found Instances

  • Found in src/ScoreBoard.sol Line: 2

    pragma solidity 0.8.20;

  • Found in src/ThePredicter.sol Line: 2

    pragma solidity 0.8.20;
Updates

Lead Judging Commences

NightHawK Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.