Raisebox Faucet

First Flight #50
Submission Details
Severity: high
Valid

Incorrect Accounting Logic in `dailyDrips` Variable

Description

The dailyDrips variable is designed to track the cumulative amount of Sepolia ETH distributed through the faucet each day. It is reset to zero once per day and incremented by sepEthAmountToDrip each time a user claims drips via the claimFaucetTokens function in the RaiseBoxFaucet protocol.

However, the current implementation exhibits unintended behavior:

  1. If the same user calls claimFaucetTokens again after the cooldown period, the dailyDrips variable is reset to zero, disrupting the accurate tracking of total daily drips.

  2. A similar issue occurs when the owner pauses ETH drips using toggleEthDripPause and another user subsequently invokes claimFaucetTokens.

This results in incorrect recalculations of dailyDrips, leading to inconsistencies in the faucet’s daily distribution logic.

} else {
@> dailyDrips = 0;
}

Risk

Likelihood:

  • Reason 1: Whenever a user attempts to call claimFaucetTokens multiple times after a cooldown period

  • Reason 2: If the claiming was paused by the owner

Impact:
The miscalculation of the dailyDrips variable prevents the first condition in the following check from functioning as intended:

if (dailyDrips + sepEthAmountToDrip <= dailySepEthCap && address(this).balance >= sepEthAmountToDrip) {

As a result, the protocol may incorrectly skip or miscalculate daily Sepolia ETH distributions, leading to inaccurate enforcement of the dailySepEthCap and potential over-distribution of tokens.
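
The effect on the cap, shown on a simplified model. This is an added example, not code from the report or from RaiseBoxFaucet: the FaucetModel contract, the hasClaimedEth flag, the shape of the outer condition and the amounts (a cap of three drips per day) are assumptions, and only the repeat-claim path is modelled.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";

// Simplified model, NOT the RaiseBoxFaucet source. Assumed: hasClaimedEth, the outer
// condition, and the constructed amounts below (cap = 3 drips per day).
contract FaucetModel {
    uint256 public constant sepEthAmountToDrip = 0.005 ether;
    uint256 public constant dailySepEthCap = 0.015 ether;
    bool public immutable elseBlockRemoved; // true = recommended mitigation applied
    uint256 public dailyDrips;
    uint256 public lastDripDay;
    mapping(address => bool) public hasClaimedEth;

    constructor(bool removed) payable { elseBlockRemoved = removed; }

    function claimFaucetTokens() external {
        uint256 today = block.timestamp / 1 days;
        if (today > lastDripDay) { lastDripDay = today; dailyDrips = 0; } // legitimate daily reset
        if (!hasClaimedEth[msg.sender]) {
            if (dailyDrips + sepEthAmountToDrip <= dailySepEthCap && address(this).balance >= sepEthAmountToDrip) {
                hasClaimedEth[msg.sender] = true;
                dailyDrips += sepEthAmountToDrip;
                (bool ok,) = msg.sender.call{value: sepEthAmountToDrip}("");
                require(ok, "drip failed");
            }
        } else if (!elseBlockRemoved) {
            dailyDrips = 0; // reported bug: a repeat claim wipes the running total
        }
    }
}

contract DailyCapModelTest is Test {
    // Six first-time claimers on one day, with one repeat claim after the third.
    function sentInOneDay(bool removed) internal returns (uint256) {
        FaucetModel f = new FaucetModel{value: 1 ether}(removed);
        vm.warp(10 days);
        for (uint160 i = 1; i <= 6; i++) {
            vm.prank(address(i + 0x1000));
            f.claimFaucetTokens();
            if (i == 3) { vm.prank(address(uint160(0x1001))); f.claimFaucetTokens(); }
        }
        return 1 ether - address(f).balance;
    }

    function test_capHoldsOnlyWithoutElseBlock() public {
        assertEq(sentInOneDay(false), 0.030 ether); // else block present: twice the cap
        assertEq(sentInOneDay(true), 0.015 ether);  // else block removed: cap enforced
    }
}
```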

Proof of Concept

Paste this code snippet in RaiseBoxFaucet.t.sol and run forge test --mt test_dailyDripCalculation -vvvv

function test_dailyDripCalculation() public {
    // Two first-time claims on the same day: dailyDrips accumulates.
    vm.startPrank(user1);
    raiseBoxFaucet.claimFaucetTokens();
    console.log("DailyDrips:", raiseBoxFaucet.dailyDrips());
    vm.startPrank(user2);
    raiseBoxFaucet.claimFaucetTokens();
    console.log("DailyDrips:", raiseBoxFaucet.dailyDrips());

    // Cooldown period passes, then user2 claims again.
    advanceBlockTime(block.timestamp + 3 days);
    vm.startPrank(user2);
    raiseBoxFaucet.claimFaucetTokens();
    console.log("DailyDrips:", raiseBoxFaucet.dailyDrips());
    // The repeat claim has reset the counter.
    assertTrue(raiseBoxFaucet.dailyDrips() == 0);

    // Same effect when the owner pauses the drip.
    vm.startPrank(user3);
    raiseBoxFaucet.claimFaucetTokens();
    console.log("DailyDrips:", raiseBoxFaucet.dailyDrips());
    vm.startPrank(user4);
    raiseBoxFaucet.claimFaucetTokens();
    console.log("DailyDrips:", raiseBoxFaucet.dailyDrips());
    vm.startPrank(owner);
    raiseBoxFaucet.toggleEthDripPause(true);
    assertTrue(raiseBoxFaucet.sepEthDripsPaused());
    // A claim made while drips are paused also resets the counter.
    vm.startPrank(user5);
    raiseBoxFaucet.claimFaucetTokens();
    console.log("DailyDrips:", raiseBoxFaucet.dailyDrips());
    assertTrue(raiseBoxFaucet.dailyDrips() == 0);
}

Recommended Mitigation

Remove the redundant else block (lines 211–213) to ensure that the dailyDrips variable maintains accurate cumulative accounting throughout the day.

- else {
- dailyDrips = 0;
- }
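
Review bot: the removed `else` carries no unchanged context line showing which `if` it closes, and the text locates it only as lines 211–213, so the hunk cannot be checked against a file whose line numbers have shifted. Include the enclosing condition as context above the removed lines, and pair the removal with a regression test that turns the PoC's two `raiseBoxFaucet.dailyDrips()==0` assertions around, expecting the running total to survive both a repeat claim and a claim made while drips are paused.
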
Updates

Lead Judging Commences

inallhonesty Lead Judge 12 days ago
Submission Judgement Published
Validated
Assigned finding tags:

dailyDrips Reset Bug
