Raisebox Faucet
First Flight #50
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Impact: low
Likelihood: low
Invalid

Missing check for by in adjustDailyClaimLimit()

hawks

Root + Impact

Description

In the adjustDailyClaimLimit function, there is no check to ensure by > 0, meaning the function can be called with a zero value. This results in no state change, yet still consumes gas.

Calling the function with by == 0 serves no purpose and could be interpreted as:

  • A careless implementation

  • A potential attempt to spam the blockchain

  • A way to mislead off-chain monitoring tools that detect contract activity

This makes the function vulnerable to useless or misleading transactions.

function adjustDailyClaimLimit(uint256 by, bool increaseClaimLimit) public onlyOwner {
uint266 previousLimit = dailyClaimLimit;
if (increaseClaimLimit) {
dailyClaimLimit += by;
} else {
if (by > dailyClaimLimit) {
revert RaiseBoxFaucet_CurrentClaimLimitIsLessThanBy();
}
dailyClaimLimit -= by;
emit DailyClaimedAdjusted(previousLimit, dailyClaimLimit, increaseClaimLimit);
}
}

Risk

Allowing by == 0 leads to:

  • Wasted gas for no functional purpose

  • Increased noise in transaction history

  • Difficulty for off-chain systems to interpret whether a real state change occurred


Likelihood: Medium

  • Wastes gas

Impact:

  • Useless operations that clutter history, waste gas, and reduce clarity


Proof of Concept

Recommended Mitigation

Add a simple guard clause:

+ require(by > 0, "Amount must be greater than zero");
Updates

Lead Judging Commences

inallhonesty Lead Judge 17 days ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.