Zero-amount buySnow(0) call can Deny Service of earnSnow()
Description: The Snow::buySnow() does not validate that amount is non-zero, yet it always updates the global s_earnTimer to block.timestamp. Since earnSnow() checks that 'block.timestamp >= s_earnTimer + 1 weeks', an attacker can call 'buySnow(0)' at zero cost to reset the timer and indefinitely block all users from calling earnSnow() within each 1-week window. The attack is trivial to execute and costs only gas fees
Impact: No check against 'amount == 0' means an attacker can perpetually reset 's_earnTimer', causing 'earnSnow()' to revert for everyone. This attack can be repeated
indefinitely, effectively breaking a core protocol feature. The impact is significant to the token distribution model, though it doesn't directly lead to loss of user funds.
Proof of Concept: Include the following test in the TestSnow.t.sol file:
Recommended Mitigation: Add zero amount check:
Lead Judging Commences
buying of snow resets global timer thus affecting earning of free snow
When buySnow is successfully called, the global timer is reset. This inadvertently affects the earning of snow as that particular action also depends on the global timer.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.