Snowman Merkle Airdrop

First Flight #42

Beginner FriendlyFoundrySolidityNFT

100 EXP

View results

Previous Next

Submission Details

Severity: low

Valid

Logic error blocks the weekly free Snow token.

shadowyghost

Root + Impact

Snow::buySnow()

Description

A snow token is intended to be available for free once a week and can be bought at anytime, but an error in the logic to buy the token can stop the free token from being earned.
If a user buys a token before the free token has been earned, the timer for earning the free token is updated as if it has been earned, even though it hasn't.

function buySnow(uint256 amount) external payable canFarmSnow {

if (msg.value == (s_buyFee * amount)) {

_mint(msg.sender, amount);

} else {

i_weth.safeTransferFrom(msg.sender, address(this), (s_buyFee * amount));

_mint(msg.sender, amount);

}

@> s_earnTimer = block.timestamp;

emit SnowBought(msg.sender, amount);

}

Risk

Likelihood:

When a user buys snow token before the free token has been earned for the week

Impact:

The free token can't be earned.

Proof of Concept

Add the following test to the TestSnow test suite.
This test shows that trying to earn the free token after a user buys a token reverts.
User Ashley buys a token and another user Victory tries to earn the free token for the week but got denied.

function test_cant_earn_snow_after_buying() public {

weth.mint(ashley, FEE * 2);

vm.startPrank(ashley);

weth.approve(address(snow), FEE);

snow.buySnow(1);

vm.stopPrank();

assert(weth.balanceOf(address(snow)) == FEE);

assert(snow.balanceOf(ashley) == 1);

vm.prank(victory);

vm.expectRevert();

snow.earnSnow();

}

Recommended Mitigation

Don't update the earn timer when a token is bought.

function buySnow(uint256 amount) external payable canFarmSnow {

if (msg.value == (s_buyFee * amount)) {

_mint(msg.sender, amount);

} else {

i_weth.safeTransferFrom(msg.sender, address(this), (s_buyFee * amount));

_mint(msg.sender, amount);

}

- s_earnTimer = block.timestamp;

emit SnowBought(msg.sender, amount);

}

Updates

Lead Judging Commences

yeahchibyke Lead Judge 20 days ago

Submission Judgement Published

Validated

Assigned finding tags:

buying of snow resets global timer thus affecting earning of free snow

When buySnow is successfully called, the global timer is reset. This inadvertently affects the earning of snow as that particular action also depends on the global timer.

Rewards breakdown

nSLOC

215

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.