Submission Details
Impact:
Likelihood:
Weak Validation of `performanceId` — Wasted Gas & Ambiguous Errors
Weak Validation of performanceId — Wasted Gas & Ambiguous Errors
Description
-
Normal behaviour: User calls
attendPerformance(performanceId)with an ID that exists. -
Issue: The function does not check whether
performanceIdis< performanceCount. If the caller passes a random large number, the function fetches an empty struct (startTime == 0) and reverts with "Performance is not active" after needless gas is spent.
function attendPerformance(uint256 performanceId) external {
@> require(isPerformanceActive(performanceId), "Performance is not active");
...
}
Risk
Likelihood:
Accidental user error or malicious griefing transaction can trigger the revert at any time.
Impact:
-
Each failed call burns ~20k gas; miners profit, users lose ETH.
-
Error message ambiguous; front-end may mis-diagnose the problem.
Proof of Concept
// With zero performances scheduled:
festivalPass.attendPerformance(123); // costs gas, reverts "not active"
Recommended Mitigation
function attendPerformance(uint256 performanceId) external {
+ require(performanceId < performanceCount, "Invalid performance id");
require(isPerformanceActive(performanceId), "Performance is not active");
...
}
Rewards breakdown
nSLOC
234This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.