The vulnerability allows users to claim rewards using the claimCut function even after the contest has been closed using the closeContest function, bypassing the intended restriction on post-closure claims.
The vulnerability stems from the lack of a proper state check in the claimCut function of the Pot.sol contract. The contest is intended to close after a specified period (e.g., 90 days), at which point no further reward claims should be possible. However, the claimCut function does not verify whether the contest is still open before allowing users to claim their rewards.
Add this test case to your TestMyCut.t.sol file:
In this scenario, Player 1 is able to claim a reward after the contest is closed, which should not be possible under the correct functionality.
Users can claim rewards even after the contest has ended, bypassing the intended restriction and potentially accessing funds they shouldn’t be entitled to.
The remaining rewards, which should be managed or redistributed by the contract, might be depleted by unauthorized claims, leading to a financial loss for the contract owner or other stakeholders.
Claims made after closure can distort the fairness of reward distribution, leading to discrepancies where some participants might receive more than their fair share or others might receive less.
Manual Review
Please incorporate the following code into the Pot.sol contract. I have introduced a boolean variable, isOpen, which is set to true upon contract deployment and changed to false when the contest is closed. This ensures that any attempt to claim rewards after the contest has closed will result in a transaction revert with the error Pot__IsClosed().
This update ensures that reward claims are only processed while the contest is still open and prevents any claims after the contest has officially closed.
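As an added illustration of the recommended fix (example code, not the project's own Pot.sol; the reward bookkeeping, constructor and token interface are assumed), a minimal Pot with the isOpen gate in claimCut and closeContest:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the MyCut project's own Pot.sol: the reward
// bookkeeping (s_rewards, the token transfer) is assumed; only the isOpen
// gate in claimCut and closeContest mirrors the recommendation above.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}
contract Pot {
    error Pot__IsClosed();
    error Pot__NotOwner();
    error Pot__NothingToClaim();
    error Pot__TransferFailed();

    address private immutable i_owner;
    IERC20 private immutable i_token;
    mapping(address => uint256) private s_rewards; // assumed layout
    bool private s_isOpen; // true at deployment, false after closeContest

    constructor(IERC20 token, address[] memory players, uint256[] memory rewards) {
        i_owner = msg.sender;
        i_token = token;
        s_isOpen = true;
        for (uint256 i = 0; i < players.length; i++) {
            s_rewards[players[i]] = rewards[i];
        }
    }

    // The vulnerable claimCut had no state check, so a player could still
    // claim after closeContest had run. The isOpen gate comes first so a
    // closed pot reverts before any balance is touched.
    function claimCut() external {
        if (!s_isOpen) revert Pot__IsClosed();
        uint256 amount = s_rewards[msg.sender];
        if (amount == 0) revert Pot__NothingToClaim();
        s_rewards[msg.sender] = 0; // effects before interaction
        if (!i_token.transfer(msg.sender, amount)) revert Pot__TransferFailed();
    }

    // Owner closes the contest once the claim period has elapsed; every
    // later claimCut reverts with Pot__IsClosed(). Redistribution of the
    // remaining rewards is omitted here.
    function closeContest() external {
        if (msg.sender != i_owner) revert Pot__NotOwner();
        s_isOpen = false;
    }

    function isOpen() external view returns (bool) { return s_isOpen; }
}
```

A Foundry test for the scenario above would call closeContest as the owner, then expect a Pot__IsClosed() revert when Player 1 calls claimCut.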