Raisebox Faucet

First Flight #50
Beginner Friendly, Solidity
100 EXP
Submission Details
Impact: high
Likelihood: low
Invalid

[M-1] Contract allows the owner to set the `dailyClaimLimit` to Zero, potentially barring all incoming faucet claims and causing a DoS

Author Revealed upon completion


Description

  • Expected behaviour: for the faucet to work, the owner should set the dailyClaimLimit to a sensible value.

  • Problematic behaviour: the contract's code currently allows the owner to set the dailyClaimLimit to zero, breaking the faucet's intended functionality.

    function adjustDailyClaimLimit(uint256 by, bool increaseClaimLimit) public onlyOwner {
        if (increaseClaimLimit) {
            dailyClaimLimit += by;
        } else {
    @>      if (by > dailyClaimLimit) {
                revert RaiseBoxFaucet_CurrentClaimLimitIsLessThanBy();
            }
            dailyClaimLimit -= by;
        }
    }

Risk

Likelihood: Low

  • This bug occurs when the owner decreases the dailyClaimLimit by an amount equal to the current value.

Impact: High

  • The impact of this vulnerability is a complete lock on the faucet's functionality for as long as the dailyClaimLimit is at 0.

Proof of Concept

Add the following test to the Foundry test suite and run it with `forge test --mt test_adjustDailyClaimLimit_ToZero_Succeeds`.

Hypothetical Scenario

  1. Current dailyClaimLimit is 100

  2. Owner decreases the limit by 100, bringing it down to zero.

  3. All calls to the claimFaucetTokens function revert.

    function test_adjustDailyClaimLimit_ToZero_Succeeds() public {
        // Assert that the starting dailyClaimLimit is 100
        assertTrue(raiseBoxFaucet.dailyClaimLimit() == 100, "Daily Claim limit not set to 100");
        // Decrease the daily limit by 100
        vm.prank(owner);
        raiseBoxFaucet.adjustDailyClaimLimit(100, false);
        // Assert that the daily limit has been set to 0
        assertTrue(raiseBoxFaucet.dailyClaimLimit() == 0, "Daily Claim not set to 0");
        // Assert that the claimFaucetTokens no longer works
        vm.prank(user1);
        vm.expectRevert(
            abi.encodeWithSelector(
                RaiseBoxFaucet.RaiseBoxFaucet_DailyClaimLimitReached.selector
            )
        );
        raiseBoxFaucet.claimFaucetTokens();
    }

Recommended Mitigation

To mitigate this vulnerability, change the comparison from `>` to `>=` so that decreasing the dailyClaimLimit by a value equal to the currently stored value causes a revert:

function adjustDailyClaimLimit(uint256 by, bool increaseClaimLimit) public onlyOwner {
if (increaseClaimLimit) {
dailyClaimLimit += by;
} else {
+ if (by >= dailyClaimLimit) {
- if (by > dailyClaimLimit) {
revert RaiseBoxFaucet_CurrentClaimLimitIsLessThanBy();
}
dailyClaimLimit -= by;
}
}
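
Review bot: on the changed `if (by >= dailyClaimLimit)` line, the equality case now reverts with `RaiseBoxFaucet_CurrentClaimLimitIsLessThanBy`, but when `by` equals `dailyClaimLimit` the limit is not less than `by`, so the error name misreports why the call failed. Consider a dedicated error for the "result would be zero" case, or rename the existing one, so an owner reading the revert can tell an underflow attempt apart from an attempt to zero the limit. The hunk also leaves the function without a comment stating that zero is a disallowed value for `dailyClaimLimit`; a one-line NatSpec note on the function would document that invariant next to the check that enforces it.
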
Updates

Lead Judging Commences

inallhonesty Lead Judge 2 days ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
