One Shot: Reloaded

First Flight #47
Beginner Friendly, NFT
100 EXP
Submission Details
Impact: high
Likelihood: high

An attacker can script the battle to always win against defenders.

Author Revealed upon completion

Root + Impact

Description

In rap_battle, users can put their rappers on stage by calling go_on_stage_or_battle. It is a 2-step transaction:

  • When the stage is empty, someone places their rapper with an arbitrary bet amount. This rapper is called the "defender".

  • When the stage has a defender, another user can place their rapper by matching the defender's bet. This rapper is known as the "challenger".

Once the challenger enters the stage, the winner is decided immediately, in the same transaction. Because the function is declared public entry, it can be called from a script, and a malicious challenger's script can revert the transaction whenever they do not win the battle, giving them an unfair advantage.
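
To show why same-transaction resolution combined with atomic revert removes the challenger's risk, here is a small Python model, added as an illustration and not taken from the audited code. The ledger, the 50/50 odds, the BET value and every function name are assumptions of the model; direct_call is the only path left once the mitigation is applied.

```python
import random

BET = 10  # constructed stake, matched by the challenger

class Abort(Exception):
    """Models a Move abort: every state change in the transaction is discarded."""

def battle(ledger, rng):
    """Model of the entry function: the winner is decided and paid in the same call."""
    delta = BET if rng.random() < 0.5 else -BET  # assumed fair odds
    ledger["challenger"] += delta
    ledger["defender"] -= delta

def run_tx(ledger, body):
    """Run body atomically: commit on success, restore the snapshot on abort."""
    snapshot = dict(ledger)
    try:
        body(ledger)
        return True
    except Abort:
        ledger.clear()
        ledger.update(snapshot)
        return False

def direct_call(rng):
    """Transaction that calls the entry function directly and accepts the outcome."""
    return lambda ledger: battle(ledger, rng)

def wrapped_call(rng):
    """Transaction that composes the call with a post-condition on the caller's balance."""
    def body(ledger):
        before = ledger["challenger"]
        battle(ledger, rng)
        if ledger["challenger"] < before:
            raise Abort()
    return body

def simulate(make_body, rounds=1000, seed=47):
    """Return (committed transactions, challenger net balance) over `rounds` battles."""
    rng = random.Random(seed)
    ledger = {"challenger": 0, "defender": 0}
    committed = sum(run_tx(ledger, make_body(rng)) for _ in range(rounds))
    return committed, ledger["challenger"]

if __name__ == "__main__":
    print("direct :", simulate(direct_call))
    print("wrapped:", simulate(wrapped_call))
```

In the wrapped case every committed transaction is a win, so the challenger's balance equals the number of committed transactions times BET, while the direct caller ends near zero under the same random draws.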

Risk

Likelihood:

Easy to perform: a challenger using a correct script would never lose.

Impact:

The challenger would always win the battle.

Recommended Mitigation

Remove the public visibility from the function. This way, an attacker cannot script the transaction to revert if they don't win the battle.

- public entry fun go_on_stage_or_battle(
+ entry fun go_on_stage_or_battle(
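
Review bot: the changed signature line carries no comment explaining why public is dropped, so a later refactor could restore it without noticing the consequence. Add a doc comment above "entry fun go_on_stage_or_battle(" stating that the function must stay non-public because the winner is decided in the same transaction as the challenger's entry. Also confirm that no other module calls go_on_stage_or_battle, since any such caller stops compiling once the function is no longer public.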
