Christmas Dinner
First Flight #31
Beginner FriendlyFoundrySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

error message is wrong and misleading in the `deposit()` function

0xsailormars

Summary

The deposit() function uses a beforeDeadline modifier that fails to properly validate the deadline state, leading to misleading error messages and potentially confusing user experience.

Vulnerability Details

  1. Current Implementation:

modifier beforeDeadline() {
if(block.timestamp > deadline) { // Only checks if current time > deadline
revert BeyondDeadline(); // Wrong error message if deadline not set
}
_;
}

  1. Issue:

  • When contract is deployed, deadline = 0 (default value)

  • deadlineSet = false initially

  • The modifier only checks block.timestamp > deadline

  • Since any current timestamp is > 0, all transactions revert

  • Returns BeyondDeadline() error even when deadline was never set

  1. Root Cause:

  • Missing validation of deadlineSet boolean

  • Incorrect error message selection

  • Reliance on default uint256 value (0) for deadline comparison

Impact

  • Users receive incorrect error messages

  • Cannot distinguish between "deadline not set" and "deadline passed"

Tools Used

Manual Review

Recommendations

modifier beforeDeadline() {
if (!deadlineSet) {
revert DeadlineNotSet();
}
if (block.timestamp > deadline) {
revert BeyondDeadline();
}
_;
}
Updates

Lead Judging Commences

0xtimefliez Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

0xsailormars Submitter
10 months ago
0xtimefliez Lead Judge
10 months ago
0xsailormars Submitter
10 months ago
0xtimefliez Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.