Eggstravaganza
First Flight #37
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

endTime not used correctly

lucky2892000

Summary

user can participate a second extra than the duration set by the owner

Vulnerability Details

-> with the help of the EggHuntGame::startGame we are setting the duration

-> consider we have set the duration as 60 seconds and assume current block.timestamp is at 60 seconds

-> then EggHuntGame::startTime is 60 and EggHuntGame::endTime is 120 seconds and we need to allow users to participate only for 60 seconds of duration

-> in the function EggHuntGame::searchForEgg we have these two conditions

require(block.timestamp >= startTime, "Game not started yet");
require(block.timestamp <= endTime, "Game ended");

-> with the above two conditions users can particpate from 60th second to 120th seconds which is 61 seconds

Impact - Low

Likelyhood - Low

Tools Used

Manual Review

Recommendations

User only need to participate only the duration that was set by the owner

Updates

Lead Judging Commences

m3dython Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

lucky2892000 Submitter
10 months ago
m3dython Lead Judge
10 months ago
m3dython Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!