Christmas Dinner
First Flight #31
Beginner FriendlyFoundrySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Inflexible deadline management puts Christmas dinner at risk by preventing legitimate extensions or changes

nomadic_bear

Summary

The ChristmasDinner contract lacks flexibility in deadline management as the deadline can only be set once and cannot be modified, potentially forcing event cancellation if set incorrectly.

Vulnerability Details

The deadline management system has a critical design limitation where the deadline can only be set once due to the deadlineSet boolean flag:

function setDeadline(uint256 _days) external onlyHost {
if(deadlineSet) {
revert DeadlineAlreadySet();
} else {
deadline = block.timestamp + _days * 1 days;
emit DeadlineSet(deadline);
}
}

Once deadlineSet is true, there is no way to modify the deadline as:

  1. deadlineSet is never reset

  2. No functions exist to modify the deadline

  3. All deposit and refund operations strictly enforce the deadline via beforeDeadline modifier

Impact

This inflexibility could lead to:

  • Forced event cancellation if deadline is set incorrectly

  • Inability to handle legitimate delays or changes in plans

  • Loss of user participation if deadline needs extension

  • Additional gas costs if contract redeployment is needed due to deadline issues

Tools Used

Manual code review

Recommendations

Implement a deadline extension function accessible by the host

Add a grace period for deadline adjustments

Consider allowing deadline modifications with participant consensus

Updates

Lead Judging Commences

0xtimefliez Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
0xtimefliez Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.