MyCut

First Flight #23

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Invalid

Lack of Validation for Reward Summation in `ContestManager::createContest`

esoetheric

Summary

In the ContestManager::createContest function, there is no validation to ensure that the sum of the rewards array matches the totalRewards value provided. This can result in a situation where the total rewards are either insufficient or exceed the intended distribution, potentially leading to users being unable to withdraw their rewards or funds being locked in the contract.

Impact

Users might be unable to withdraw their rewards if the total funds do not match the promised rewards, or conversely, excess funds might be locked in the contract without a mechanism for retrieval.

Tools Used

Manual review.

Proof of Concept

We can attempt to deploy a Pot with incorrect values and see if the attempt is successful, in TestMyCut.t.sol add the test:

function testDeploymentIncorrectRewards() public mintAndApproveTokens {

vm.startPrank(user);

ContestManager testConMan = ContestManager(conMan);

vm.expectRevert();

address testPot = testConMan.createContest(

players,

rewards,

IERC20(weth),

);

}

Then run:

forge test

rewards is an array with the values [3, 1], the correct sum of these values would be 4 but a different number, 50 in this case, doesn't cause a revert.

Recommended Mitigation

Introduce a check that verifies the sum of the rewards array equals totalRewards before deploying the Pot contract, for instance:

function createContest(

address[] memory players,

uint256[] memory rewards,

IERC20 token,

uint256 totalRewards

) public onlyOwner returns (address) {

// Create a new Pot contract

uint256 rewardsLength = rewards.length;

uint256 rewardsSum;

for (uint256 i; i < rewardsLength; i++) {

rewardsSum += rewards[i];

}

require(rewardsSum == totalRewards);

Pot pot = new Pot(players, rewards, token, totalRewards);

contests.push(address(pot));

contestToTotalRewards[address(pot)] = totalRewards;

return address(pot);

}

Updates

Lead Judging Commences

equious Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Known issue

Appeal created

esoetheric Submitter

about 1 year ago

esoetheric Submitter

about 1 year ago

equious Lead Judge

about 1 year ago

equious Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Known issue

Rewards breakdown

nSLOC

106

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.