Raisebox Faucet

First Flight #50
Beginner Friendly, Solidity
100 EXP
Submission Details
Impact: high
Likelihood: high
Invalid

[C-01] Missing Minimum Faucet Drip Enforcement Allows Full Token Drain in Single Claim

The RaiseBoxFaucet contract lets users claim faucet tokens through the claimFaucetTokens function. The amount dispensed per claim (faucetDrip) is fixed at deployment and is not bounded by any maximum. If faucetDrip is set equal to (or larger than) the contract's token balance, a single user can drain the entire faucet in one transaction.

This breaks the intended tokenomics, makes dailyClaimLimit ineffective (it counts claims, not tokens), and renders the faucet unusable for all other users.

Risk:

- Single-user drain: one user can claim all tokens in one transaction.
- No protection against oversized claims.
- Daily limit bypassed: dailyClaimLimit counts claims, not token amounts, so a single claim can still move the whole balance.
- Faucet becomes unusable for other users.
- Tokenomics broken: no fair distribution or throttling.

Proof of Concept:

This test demonstrates how a single user can drain the entire faucet token supply in one claim due to the lack of a maximum faucetDrip enforcement.

function testAttackerDrainsAllTokens() public {
    // Fixture assumed by this test: `faucet` is deployed with faucetDrip equal
    // to its full 1000 ether balance, and `attacker` is an ordinary address.
    uint256 initialBalance = faucet.balanceOf(address(faucet));
    assertEq(initialBalance, 1000 ether, "Contract should hold full supply");

    // Attacker makes a single claim
    vm.prank(attacker);
    faucet.claimFaucetTokens();

    // Contract balance should now be zero
    uint256 finalBalance = faucet.balanceOf(address(faucet));
    assertEq(finalBalance, 0, "Contract drained in one claim");

    // Attacker holds the full supply
    uint256 attackerBalance = faucet.balanceOf(attacker);
    assertEq(attackerBalance, 1000 ether, "Attacker received full supply");
}

Recommended Mitigation:

// Add a maximum faucet drip constant
uint256 public constant MAX_FAUCET_DRIP = 10 ether;

// Validate faucetDrip in the constructor and in any setter that changes it
require(faucetDrip_ <= MAX_FAUCET_DRIP, "Faucet drip too high");

// Track total tokens (not claims) dispensed in the current day; reset it
// when the daily window rolls over. DAILY_TOKEN_CAP is a new constant and
// must be at least MAX_FAUCET_DRIP, otherwise no claim can ever succeed.
uint256 public dailyTokenClaimed;

// Enforce the daily token cap inside claimFaucetTokens
if (dailyTokenClaimed + faucetDrip > DAILY_TOKEN_CAP) {
    revert RaiseBoxFaucet_DailyTokenCapReached();
}
dailyTokenClaimed += faucetDrip;
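The following is an added example, not code from RaiseBoxFaucet or from the submitter: a minimal faucet model that wires both mitigations together (a drip bound checked in the constructor and setter, and a per-day cap on tokens dispensed with a rolling window), plus Foundry tests showing that the PoC deployment is rejected and that a claimant within the drip bound is still throttled. The contract name, error names, constants, the internal balance ledger and the forge-std dependency are all assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

/// Illustrative faucet (assumed names, not the RaiseBoxFaucet code).
contract BoundedFaucet {
    error BoundedFaucet_DripTooHigh(uint256 drip, uint256 max);
    error BoundedFaucet_DailyTokenCapReached(uint256 wouldDispense, uint256 cap);
    error BoundedFaucet_InsufficientFaucetBalance(uint256 available, uint256 drip);
    error BoundedFaucet_NotOwner();

    // No single claim can move more than this.
    uint256 public constant MAX_FAUCET_DRIP = 10 ether;
    // Per-day bound on tokens dispensed, independent of how many claims occur.
    uint256 public constant DAILY_TOKEN_CAP = 100 ether;

    address public immutable owner;
    uint256 public faucetDrip;
    uint256 public dailyTokenClaimed;
    uint256 public dailyWindowStart;
    mapping(address => uint256) private _balances;

    constructor(uint256 faucetDrip_, uint256 initialSupply) {
        _validateDrip(faucetDrip_); // rejects a drip sized to the whole supply
        owner = msg.sender;
        faucetDrip = faucetDrip_;
        dailyWindowStart = block.timestamp;
        _balances[address(this)] = initialSupply; // faucet holds the supply, as in the PoC
    }

    /// The owner may retune the drip, but never above MAX_FAUCET_DRIP.
    function setFaucetDrip(uint256 newDrip) external {
        if (msg.sender != owner) revert BoundedFaucet_NotOwner();
        _validateDrip(newDrip);
        faucetDrip = newDrip;
    }

    function claimFaucetTokens() external {
        // Roll the accounting window forward once a day has elapsed.
        if (block.timestamp >= dailyWindowStart + 1 days) {
            dailyWindowStart = block.timestamp;
            dailyTokenClaimed = 0;
        }
        uint256 drip = faucetDrip;
        uint256 wouldDispense = dailyTokenClaimed + drip;
        if (wouldDispense > DAILY_TOKEN_CAP) {
            revert BoundedFaucet_DailyTokenCapReached(wouldDispense, DAILY_TOKEN_CAP);
        }
        uint256 available = _balances[address(this)];
        if (available < drip) revert BoundedFaucet_InsufficientFaucetBalance(available, drip);

        dailyTokenClaimed = wouldDispense;
        _balances[address(this)] = available - drip;
        _balances[msg.sender] += drip;
    }

    function balanceOf(address account) external view returns (uint256) {
        return _balances[account];
    }

    function _validateDrip(uint256 drip) internal pure {
        if (drip > MAX_FAUCET_DRIP) revert BoundedFaucet_DripTooHigh(drip, MAX_FAUCET_DRIP);
    }
}

/// Foundry tests for the model above.
contract BoundedFaucetTest is Test {
    address internal attacker;

    function setUp() public {
        attacker = makeAddr("attacker");
    }

    // The PoC configuration (drip == full 1000 ether supply) no longer deploys.
    function test_DripEqualToSupplyIsRejectedAtDeploy() public {
        vm.expectRevert(
            abi.encodeWithSelector(BoundedFaucet.BoundedFaucet_DripTooHigh.selector, 1000 ether, 10 ether)
        );
        new BoundedFaucet(1000 ether, 1000 ether);
    }

    // Repeated in-bound claims are stopped by the token cap, not by a claim count.
    function test_DailyTokenCapStopsRepeatedClaims() public {
        BoundedFaucet faucet = new BoundedFaucet(10 ether, 1000 ether);

        for (uint256 i = 0; i < 10; i++) { // 10 x 10 ether exhausts the 100 ether cap
            vm.prank(attacker);
            faucet.claimFaucetTokens();
        }
        assertEq(faucet.balanceOf(attacker), 100 ether);
        assertEq(faucet.balanceOf(address(faucet)), 900 ether);

        vm.expectRevert(BoundedFaucet.BoundedFaucet_DailyTokenCapReached.selector);
        vm.prank(attacker);
        faucet.claimFaucetTokens(); // 11th claim in the same window reverts

        vm.warp(block.timestamp + 1 days); // window rolls over, claiming resumes
        vm.prank(attacker);
        faucet.claimFaucetTokens();
        assertEq(faucet.balanceOf(attacker), 110 ether);
    }
}
```

Run with `forge test` in a project that has forge-std installed. The daily window here is a fixed-length period that resets on the first claim after it expires; a claimant can therefore take a full cap just before the boundary and another just after it, so the effective worst case over any 24 hours is twice DAILY_TOKEN_CAP, which is the usual trade-off of this pattern and should be reflected in how the cap is sized.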

Updates

Lead Judging Commences

inallhonesty Lead Judge 9 days ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
