Summary

The graduateAndUpgrade() function in the LevelOne contract is missing critical precondition checks that should verify that all students meet the required conditions for graduation before the system upgrade is initiated. The lack of these checks exposes the contract to potential misuse or unexpected behavior.

Vulnerability Details

The graduateAndUpgrade() function is designed to handle the graduation of students and the system upgrade. However, it does not properly check the following conditions before proceeding:

• Student Review Completion: It should ensure that every enrolled student has completed all 4 reviews before allowing the system upgrade to occur.

• Student Score Evaluation: It should verify that students meet the cutoff score to be eligible for the upgrade.

• System Upgrade Condition: The function should check that the school session has ended (sessionEnd reached) before executing the upgrade and triggering the payments.

The current lack of these checks creates a risk of students being upgraded even if they haven’t met the review or score requirements, which goes against the design of the Hawk High School system.

Impact

1. Unqualified Students Can Graduate: Students who have not met the necessary criteria (e.g., not completing the reviews or not meeting the cutoff score) could graduate and proceed to the next level.

2. Premature System Upgrade: The system could be upgraded before all students meet the required conditions, causing potential data integrity issues or unexpected behaviors in subsequent levels.

3. Financial Impact: If the upgrade happens prematurely, the principal and teachers may receive payments based on incorrect or incomplete data, leading to financial discrepancies.

4. Inconsistent Contract State: The contract may enter an inconsistent state where some students are upgraded while others are not, potentially confusing the contract's behavior.

Tools Used

• Solidity analysis

• Manual inspection

• Slither (optional, for static analysis)

• Manual test cases to simulate potential flaws

Recommendations

1. Check All Reviews: Implement a check to ensure all students have received 4 reviews (one for each week) before proceeding with graduation and upgrade.

   for (uint256 i = 0; i < listOfStudents.length; i++) {

   if (reviewCount[listOfStudents[i]] < 4) {

   revert HH__IncompleteReviews(listOfStudents[i]);

   }

   }

2. Check Cutoff Score: Add a verification that each student has a score greater than or equal to the cutOffScore before allowing graduation.

   for (uint256 i = 0; i < listOfStudents.length; i++) {

   if (studentScore[listOfStudents[i]] < cutOffScore) {

   revert HH__StudentNotQualifiedForGraduation(listOfStudents[i]);

   }

   }

3. Ensure Session Ended: Make sure that the system upgrade only happens when the sessionEnd timestamp has been reached.

   if (block.timestamp < sessionEnd) {

   revert HH__SessionNotEnded();

   }

4. Add Detailed Reverts: Provide meaningful revert messages for each condition to help the users and contract auditors understand why a particular action cannot be performed.

By implementing these precondition checks, the contract will ensure that the graduation process and system upgrade only happen under valid conditions, maintaining system integrity and fairness.