Eggstravaganza
First Flight #37
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

endTime not used correctly

lucky2892000

Summary

user can participate a second extra than the duration set by the owner

Vulnerability Details

-> with the help of the EggHuntGame::startGame we are setting the duration

-> consider we have set the duration as 60 seconds and assume current block.timestamp is at 60 seconds

-> then EggHuntGame::startTime is 60 and EggHuntGame::endTime is 120 seconds and we need to allow users to participate only for 60 seconds of duration

-> in the function EggHuntGame::searchForEgg we have these two conditions

require(block.timestamp >= startTime, "Game not started yet");
require(block.timestamp <= endTime, "Game ended");

-> with the above two conditions users can particpate from 60th second to 120th seconds which is 61 seconds

Impact - Low

Likelyhood - Low

Tools Used

Manual Review

Recommendations

User only need to participate only the duration that was set by the owner

Updates

Lead Judging Commences

m3dython Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

lucky2892000 Submitter
5 months ago
m3dython Lead Judge
5 months ago
m3dython Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.