Mystery Box

First Flight #25
Beginner Friendly, Foundry
Submission Details
Severity: medium
Valid

[M-1]: Newly created rewards are unreachable and specific rewards are defined in the `MysteryBox::openBox` function, making the `MysteryBox::addReward` function, `MysteryBox::getRewardPool` function and `MysteryBox::rewardPool` variable obsolete

Summary

The owner should be able to create a new reward using the `MysteryBox::addReward` function, which pushes the newly created reward to the `MysteryBox::rewardPool` array. However, there is no way to claim the new reward, because no function reads the `MysteryBox::rewardPool` array to obtain rewards. The only function responsible for revealing rewards is `MysteryBox::openBox`, and it works strictly with four predefined scenarios that do not reflect any rewards added to `MysteryBox::rewardPool`. Because `MysteryBox::openBox` hardcodes the rewards and does not use the `MysteryBox::rewardPool` array at all, newly specified rewards can never be included when a box is opened.

Vulnerability Details

Newly added rewards cannot be reached because the storage variable `MysteryBox::rewardPool` is never referenced to retrieve the reward details.

Impact

The `MysteryBox::addReward` function and the `MysteryBox::rewardPool` storage variable are obsolete, as they have no impact on the protocol's rewarding process. `MysteryBox::openBox` is the only function that decides which rewards are distributed, and it uses its own hardcoded values. Therefore, there is no way to reach newly created rewards.
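
The pattern described in this finding, reduced to a simplified model contract (an added example, not the audited MysteryBox source). Only `addReward`, `getRewardPool`, `rewardPool` and `openBox` are names from the finding; the `Reward` fields, the `roll` parameter, the placeholder rewards, `openBoxFromPool` and `rewardsOf` are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Simplified model written for this example; NOT the audited MysteryBox code.
contract MysteryBoxModel {
    struct Reward { string name; uint256 value; } // assumed shape

    address public owner = msg.sender;
    Reward[] public rewardPool;
    mapping(address => Reward[]) private rewardsOwned; // hypothetical bookkeeping

    // Owner-only write into rewardPool.
    function addReward(string memory name, uint256 value) external {
        require(msg.sender == owner, "only owner");
        rewardPool.push(Reward(name, value));
    }

    function getRewardPool() external view returns (Reward[] memory) {
        return rewardPool;
    }

    // Pattern from the finding: four fixed outcomes, rewardPool is never read,
    // so nothing added through addReward can ever be handed out.
    // `roll` is caller-supplied only to keep this model deterministic; it
    // stands in for however the real contract selects an outcome.
    function openBox(uint256 roll) external {
        uint256 r = roll % 4;
        if (r == 0)      rewardsOwned[msg.sender].push(Reward("Placeholder A", 0));
        else if (r == 1) rewardsOwned[msg.sender].push(Reward("Placeholder B", 1));
        else if (r == 2) rewardsOwned[msg.sender].push(Reward("Placeholder C", 2));
        else             rewardsOwned[msg.sender].push(Reward("Placeholder D", 3));
    }

    // Pool-driven variant (one possible shape): the outcome is an index into
    // rewardPool, so entries added later are reachable without a code change.
    function openBoxFromPool(uint256 roll) external {
        require(rewardPool.length > 0, "empty pool");
        rewardsOwned[msg.sender].push(rewardPool[roll % rewardPool.length]);
    }

    function rewardsOf(address user) external view returns (Reward[] memory) {
        return rewardsOwned[user];
    }
}
```

In this model, calling `addReward` and then `openBox` with any `roll` value only ever yields one of the four placeholders, while `getRewardPool` shows the new entry sitting unused in storage.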

Tools Used

Static analysis

Recommendations

TBD

Updates

Appeal created

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

addReward won't have any effect on openBox
