MyCut

First Flight #23
Beginner Friendly, Foundry
Submission Details
Severity: medium
Invalid

Failure to Initialize in Pot.sol

Summary

The ContestManager contract is designed around two initial admin interactions:
First, the admin creates the contest (which deploys Pot.sol).
Second, the admin funds the contest.

However, a user can potentially claim the reward before the contest is funded.

Vulnerability Details

After the contest is created, a player can call the claimCut function directly without any restriction, and the call will revert because the pot holds no tokens yet.

Proof of code

function testCanClaimCutUnfunded() public mintAndApproveTokens {
    // The admin creates the contest but never funds it
    vm.startPrank(user);
    contest = ContestManager(conMan).createContest(
        players,
        rewards,
        IERC20(ERC20Mock(weth)),
        4
    );
    // We don't fund it
    vm.stopPrank();

    // A player tries to claim from the empty pot: the token transfer reverts
    vm.startPrank(player1);
    vm.expectRevert();
    Pot(contest).claimCut();
    vm.stopPrank();
}

Impact

The user will waste gas, and the transaction will fail without achieving any result.

Tools Used

Manual analysis.

Recommendations

To avoid this, one option is to add a state variable that records whether the pot has been funded. Alternatively, the already declared but unused error can be reused:

error Pot__InsufficientFunds();

and check the pot's token balance before allowing a claim:

function claimCut() public {
address player = msg.sender;
uint256 reward = playersToRewards[player];
if (reward <= 0) {
revert Pot__RewardNotFound();
}
+ uint256 balance = i_token.balanceOf(address(this));
+ if (balance < reward) {
+ revert Pot__InsufficientFunds();
+ }
playersToRewards[player] = 0;
remainingRewards -= reward;
claimants.push(player);
_transferReward(player, reward);
}
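
Review bot: the added balance check only changes the revert reason. A claim against an unfunded pot still reverts, now with `Pot__InsufficientFunds` instead of the ERC20 transfer's own error, and the caller still pays for the failed transaction, which is exactly the impact the report describes; the change does save the gas of the attempted transfer and gives a clear reason, so it is worth keeping as a clarity improvement rather than a security fix. Separately, in the context line `if (reward <= 0)`, `reward` is a `uint256` and can never be negative, so `if (reward == 0)` states the intent directly.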
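
The state-variable option mentioned above, as an added sketch that is not the MyCut project's code: a funded flag that only the deploying manager can set, checked at the top of claimCut. `s_funded`, `fund()`, `i_manager`, `Pot__NotFunded` and `Pot__OnlyManager` are assumed names; `Pot__InsufficientFunds`, `claimCut`, `playersToRewards`, `remainingRewards` and `claimants` come from the page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Sketch of the flag-based guard. s_funded, fund(), i_manager, Pot__NotFunded and
// Pot__OnlyManager are assumed names, not taken from the MyCut code base.
contract Pot {
    using SafeERC20 for IERC20;
    error Pot__RewardNotFound();
    error Pot__InsufficientFunds();
    error Pot__NotFunded();   // assumed: claim attempted before the pot is funded
    error Pot__OnlyManager(); // assumed: only the deploying manager may flip the flag

    IERC20 private immutable i_token;
    address private immutable i_manager;
    mapping(address => uint256) private playersToRewards;
    uint256 private remainingRewards;
    address[] private claimants;
    bool private s_funded; // assumed: set once by the manager after funding

    constructor(address[] memory players, uint256[] memory rewards, IERC20 token) {
        i_token = token;
        i_manager = msg.sender; // the ContestManager that deployed this pot
        for (uint256 i = 0; i < players.length; i++) {
            playersToRewards[players[i]] = rewards[i];
            remainingRewards += rewards[i];
        }
    }

    // Assumed: the manager transfers remainingRewards in, then calls fund(). The
    // balance check keeps the flag honest; a bare token transfer never flips it.
    function fund() external {
        if (msg.sender != i_manager) revert Pot__OnlyManager();
        if (i_token.balanceOf(address(this)) < remainingRewards) revert Pot__InsufficientFunds();
        s_funded = true;
    }

    function claimCut() public {
        if (!s_funded) revert Pot__NotFunded(); // cheap guard with an explicit reason
        address player = msg.sender;
        uint256 reward = playersToRewards[player];
        if (reward == 0) revert Pot__RewardNotFound(); // uint256 is never negative
        playersToRewards[player] = 0;
        remainingRewards -= reward;
        claimants.push(player);
        i_token.safeTransfer(player, reward);
    }
}
```

With the flag in place the proof-of-code test can assert the exact reason, `vm.expectRevert(Pot.Pot__NotFunded.selector)`, instead of accepting any revert.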
Updates

Lead Judging Commences

equious Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
