Hawk High

First Flight #39
Beginner Friendly | Solidity
100 EXP
Submission Details
Severity: low
Valid

Missing Validation in graduateAndUpgrade Enabling Premature Upgrade

Summary

The graduateAndUpgrade function is responsible for authorizing an upgrade to the new contract (_levelTwo) and distributing wages to the teachers and the principal from the bursary. It performs no validation before doing so: it does not check that the session has ended, that every student has received the full set of reviews, or that every student meets the cut-off score. It simply assumes all of these preconditions are already met.

Impact

Without checks, this function can:

  • Allow graduation before the session officially ends.

  • Permit upgrades even if students are not fully reviewed.

  • Promote students who fail to meet the required score, undermining the evaluation process.

  • Waste funds by prematurely distributing USDC-based wages.

Tools Used

  • Manual code review

Solution

Before authorizing an upgrade or distributing funds:

  • Ensure the session has ended by checking the current timestamp against sessionEnd.

  • Loop through all students in listOfStudents and confirm:

    • Each has exactly 4 reviews.

    • Each meets or exceeds the required cutOffScore.

This enforces the academic and financial logic and prevents manipulation or premature execution by the principal.

Recommendations

Add the following require statements before _authorizeUpgrade(_levelTwo):

    // The session must be over before anyone can graduate or be paid.
    require(block.timestamp >= sessionEnd, "Session has not ended");

    // Every enrolled student must be fully reviewed and above the cut-off.
    for (uint256 i = 0; i < listOfStudents.length; i++) {
        address student = listOfStudents[i];
        require(reviewCount[student] == 4, "Student missing reviews");
        require(studentScore[student] >= cutOffScore, "Student failed cut-off");
    }
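To confirm the checks behave as intended, the following Foundry test is an added example, not part of the original submission or of the Hawk High code base. It runs against a constructed minimal contract that models only the state this finding refers to (sessionEnd, listOfStudents, reviewCount, studentScore, cutOffScore), assumes forge-std is available, and uses a constructed cut-off of 70 and a student score of 80.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";

// Constructed stand-in for the affected state; not the project's own contract.
contract GraduationModel {
    uint256 public constant cutOffScore = 70;
    uint256 public sessionEnd;
    address[] public listOfStudents;
    mapping(address => uint256) public reviewCount;
    mapping(address => uint256) public studentScore;
    bool public upgraded; // stands in for _authorizeUpgrade and the wage payout
    constructor(uint256 _sessionEnd, address[] memory _students) {
        sessionEnd = _sessionEnd;
        listOfStudents = _students;
    }
    function setReview(address student, uint256 count, uint256 score) external {
        reviewCount[student] = count;
        studentScore[student] = score;
    }
    // graduateAndUpgrade with the recommended preconditions in place.
    function graduateAndUpgrade() external {
        require(block.timestamp >= sessionEnd, "Session has not ended");
        for (uint256 i = 0; i < listOfStudents.length; i++) {
            address student = listOfStudents[i];
            require(reviewCount[student] == 4, "Student missing reviews");
            require(studentScore[student] >= cutOffScore, "Student failed cut-off");
        }
        upgraded = true;
    }
}

contract GraduationTest is Test {
    GraduationModel model;
    address alice = makeAddr("alice");

    function setUp() public {
        address[] memory students = new address[](1);
        students[0] = alice;
        model = new GraduationModel(block.timestamp + 4 weeks, students);
        model.setReview(alice, 4, 80); // fully reviewed and above the cut-off
    }
    function test_RevertsBeforeSessionEnd() public {
        vm.expectRevert(bytes("Session has not ended"));
        model.graduateAndUpgrade(); // the premature call this finding describes
    }
    function test_SucceedsAfterSessionEnd() public {
        vm.warp(model.sessionEnd());
        model.graduateAndUpgrade();
        assertTrue(model.upgraded());
    }
}
```

Run with `forge test`; the first test shows the premature call is rejected once the timestamp check is in place, and the second shows the upgrade still goes through after sessionEnd when every student passes.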
Updates

Lead Judging Commences

yeahchibyke Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

can graduate without session end

`graduateAndUpgrade()` can be called successfully even when the school session has not ended
