MyCut

First Flight #23
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: high
Invalid

Contract State Not Reset After Pot Closure

Summary

The closePot function in the Pot contract does not reset the state after the pot is closed. The claimants array and remainingRewards variable are left unchanged, which could lead to issues if additional funds are sent to the contract or if the function is called multiple times.

Vulnerability Detail

After the closePot function executes, the following code is responsible for managing rewards:

for (uint256 i = 0; i < claimants.length; i++) {
    _transferReward(claimants[i], claimantCut);
}

However, the state of the contract is not reset:

  • The claimants array is not cleared.

  • The remainingRewards variable is not set to zero.

This lack of state reset allows:

  • Additional funds sent directly to the contract to potentially be distributed if closePot is called again.

  • The owner can call closePot multiple times, potentially redistributing any funds sent after the pot is closed.

Impact

  • State Inconsistency: Leaving claimants and remainingRewards unchanged can result in inconsistencies and unexpected behavior in subsequent contract operations.

  • Potential Exploitation: If users send additional funds directly to the contract after it has been closed, these funds could be redistributed if the closePot function is called again, leading to unintended reward distributions.

Tools Used

Manual Code Review

Recommendations

After distributing rewards in the closePot function, reset the state of the contract to prevent any issues with additional funds or repeated calls:

// Reset claimants array
delete claimants;
// Set remaining rewards to zero
remainingRewards = 0;
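
To show where the two reset statements sit relative to the distribution loop, here is a minimal sketch added for illustration. It is not the MyCut Pot contract: the IERC20Min interface, the constructor, the owner check and the equal-split rule are assumptions; only claimants, remainingRewards, claimantCut, closePot and _transferReward are names taken from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the contest code. Everything except the names
// quoted in the report is an assumption made for this sketch.
interface IERC20Min {
    function transfer(address to, uint256 amount) external returns (bool);
}

contract PotSketch {
    IERC20Min private immutable i_token;
    address private immutable i_owner;
    address[] private claimants;
    uint256 private remainingRewards;

    // Assumption: claimants and the undistributed amount are fixed at deploy
    // time so the sketch stays focused on closePot().
    constructor(IERC20Min token, address[] memory initialClaimants, uint256 rewards) {
        i_token = token;
        i_owner = msg.sender;
        claimants = initialClaimants;
        remainingRewards = rewards;
    }

    function closePot() external {
        require(msg.sender == i_owner, "not owner");
        uint256 count = claimants.length;
        // After a reset both values are zero, so a repeated call stops here.
        if (remainingRewards == 0 || count == 0) return;

        uint256 claimantCut = remainingRewards / count;
        for (uint256 i = 0; i < count; i++) {
            _transferReward(claimants[i], claimantCut);
        }

        // Reset from the Recommendations section, placed after the loop
        // because the loop still reads claimants.
        delete claimants;
        remainingRewards = 0;
    }

    function _transferReward(address to, uint256 amount) internal {
        require(i_token.transfer(to, amount), "transfer failed");
    }
}
```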

Updates

Lead Judging Commences

equious Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Other
