Raisebox Faucet
First Flight #50
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Impact: low
Likelihood: low
Invalid

Magic Number in `mintFaucetTokens` Balance Check

0xsnoweth

Root + Impact

Description

  • The `mintFaucetTokens` function allows the owner to mint faucet tokens to the contract address, reverting if the balance exceeds 1000 tokens (with 18 decimals) to enforce a limit.


  • The issue is the use of a magic number `1000 * 10 ** 18` in the balance check, which reduces readability and maintainability, though the logic to revert when the balance exceeds 1000 tokens is intentional.


Likelihood:

  • During code maintenance or audits

When the owner mints tokens near the limit

Impact:

  • Decreases the code's clarity and ease of future updates due to the magic number.

  • The error name RaiseBoxFaucet_FaucetNotOutOfTokens() may confuse users, as it implies the faucet has tokens rather than exceeding a limit

Recommended Mitigation

+ uint256 public constant MAX_FAUCET_BALANCE = 1000 * 10 ** 18;
if (to != address(this)) {
revert RaiseBoxFaucet_MintingToNonContractAddressFailed();
}
- if (balanceOf(address(to)) > 1000 * 10 ** 18) {
- revert RaiseBoxFaucet_FaucetNotOutOfTokens();
+ if (balanceOf(address(to)) > MAX_FAUCET_BALANCE) {
+ revert RaiseBoxFaucet_MaxBalanceExceeded(); // Suggested rename for clarity
}
_mint(to, amount);
emit MintedNewFaucetTokens(to, amount);
Updates

Lead Judging Commences

inallhonesty Lead Judge 10 days ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.