Eggstravaganza

First Flight #37
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: low
Invalid

Magic Numbers

Summary

All number literals should be replaced with constants. This makes the code more readable and easier to maintain. Numbers without context are called "magic numbers".

Vulnerability Details

src/EggHuntGame.sol:

function setEggFindThreshold(uint256 newThreshold) external onlyOwner {
@>  require(newThreshold <= 100, "Threshold must be <= 100");
    eggFindThreshold = newThreshold;
}

Impact

  1. Hard to Read

  • New developers (or yourself in 2 weeks) will be confused: why 5000? What does this number mean?

  2. Prone to Errors

  • If the number is used in many places and needs to be changed, you may update one occurrence incorrectly or miss one entirely.

  3. Lack of Flexibility

  • You can't easily adjust the parameters through configuration or upgrades, because the values are hardcoded.

  4. Audit and Security

  • Auditors will find it difficult to understand the logic of limits, fees, times, etc., as they are not named or documented.

  • Unnamed literals may hide bugs or inconsistent logic.

Tools Used

  1. Foundry

Recommendations

Replace all magic numbers with constants.

+ uint256 public constant MAX_THRESHOLD = 100;
.
.
.
function setEggFindThreshold(uint256 newThreshold) external onlyOwner {
- require(newThreshold <= 100, "Threshold must be <= 100");
+ require(newThreshold <= MAX_THRESHOLD, "Threshold must be <= 100");
eggFindThreshold = newThreshold;
}
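
Review bot: the revert string on the added require line still hardcodes the value ("Threshold must be <= 100"), so the literal this change is meant to remove survives in the message and will go stale if MAX_THRESHOLD is ever changed. Word the message without the number, for example "Threshold exceeds MAX_THRESHOLD", or use a custom error that carries the limit as an argument. The new constant is also declared without any comment on its unit or meaning; a short NatSpec line above `uint256 public constant MAX_THRESHOLD = 100;` stating what the threshold is measured in would address the readability concern the finding itself raises.
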
Updates

Lead Judging Commences

m3dython Lead Judge 2 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
