Christmas Dinner

First Flight #31

Beginner FriendlyFoundrySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Host can set the deadline multiple times

marcoroccon

Description:
The function setDeadline can be called only by the host, which is the intended behavior. However, the smart contract defines a custom error DeadlineAlreadySet which implies that once the deadline is set, the host should not be able to change it again. The function setDeadline requires the public boolean variable deadlineSet to be false in order to continue the execution. The problem is that this variable is never set to true, therefore allowing multiple reset of the deadline by the host.

Impact:
The severity of the issue depends on whether the host is a malicious actor or not. We tend to assume that the host of the contract should act in the interest of the organization. However, this adds a layer of trust which could be easily broken by the host, extending the deadline and allowing user to withdraw funds even though the original deadline has already been reached.

Tools Used:
Manual review

Proof of Concept:

Add the following test to ChristmasDinnerTest.t.sol. This test should pass, demonstrating that it is possible for the host to reset the deadline multiple times.

function test_tryResettingDeadlineAsHostMultipleTimes() public {

vm.startPrank(deployer);

cd.setDeadline(8 days);

cd.setDeadline(7 days);

cd.setDeadline(10 days);

vm.stopPrank();

}

Recommended Mitigation:

In case setDeadline should revert after the host has already set the deadline once, the best solution is to set the deadlineSet variable to true right after the necessary timestamp conversion of the new deadline.

function setDeadline(uint256 _days) external onlyHost {

if(deadlineSet) {

revert DeadlineAlreadySet();

} else {

deadline = block.timestamp + _days * 1 days;

+ deadlineSet = true;

emit DeadlineSet(deadline);

}

In case setDeadline should allow the host to change the deadline multiple times, it is possible to eliminate the if/else statement, as well as the public variable deadlineSet and the custom error DeadlineAlreadySet.

error NotHost();

error BeyondDeadline();

- error DeadlineAlreadySet();

error OnlyParticipantsCanBeHost();

error NotSupportedToken();

address public host;

uint256 public deadline;

- bool public deadlineSet = false;

bool private locked = false;

mapping (address user => bool) participant;

function setDeadline(uint256 _days) external onlyHost {

- if(deadlineSet) {

- revert DeadlineAlreadySet();

- } else {

deadline = block.timestamp + _days * 1 days;

emit DeadlineSet(deadline);

- }

}

Updates

Lead Judging Commences

0xtimefliez Lead Judge about 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

deadline is never set to true

Rewards breakdown

nSLOC

129

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!