Raisebox Faucet

First Flight #50
Submission Details
Impact: medium
Likelihood: medium

Logic bug - `else { dailyDrips = 0; }` resets `dailyDrips` incorrectly


Description

  • In the ETH drip section:

    if (!hasClaimedEth[faucetClaimer] && !sepEthDripsPaused) {
        ... // normal ETH drip logic
    } else {
        dailyDrips = 0;
    }

The `else` branch resets `dailyDrips` whenever either (a) `hasClaimedEth` is true for the claimer or (b) drips are paused. As a result, `dailyDrips` is reset by claims from non-first-time claimers, which effectively allows the daily ETH cap to be bypassed. Example: an attacker who has already claimed ETH (so `hasClaimedEth == true`) causes `dailyDrips` to be zeroed, and a first-time claimer can then receive ETH again because the counter was reset incorrectly by others.

Impact: The daily ETH cap becomes unreliable and can be reset incorrectly by unrelated claims, enabling more ETH to be distributed than intended (cap bypass).

Risk

Likelihood: Medium

Impact: Medium (excess ETH distribution; could be exploited for repeated ETH drains)

Proof of Concept

1. Alice (first-time) calls and receives ETH => `dailyDrips` increments.
2. Bob (non-first-time) calls => `else` resets `dailyDrips` to 0.
3. Alice or another first-time caller again receives ETH even though the cap was exceeded earlier; the cap is effectively bypassed.
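
The sequence above as a minimal Solidity model, added here as an example and not taken from the contest code base. `DripCapModel`, `DripCapCheck`, `DAILY_CAP`, `claim()`, `ethPaidOut` and the `resetInElse` switch are hypothetical names, and the cap check inside the `if` is an assumption about the elided drip logic; only the `if`/`else` shape comes from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added model, not the faucet's source. Only the if/else shape is from the finding.
contract DripCapModel {
    uint256 public constant DAILY_CAP = 1; // assumed: one ETH drip per day
    bool public immutable resetInElse;     // true = reported behaviour, false = mitigated
    bool public sepEthDripsPaused;
    uint256 public dailyDrips;
    uint256 public ethPaidOut;             // drips actually handed out today
    mapping(address => bool) public hasClaimedEth;

    constructor(bool _resetInElse) {
        resetInElse = _resetInElse;
    }

    function claim(address faucetClaimer) public {
        if (!hasClaimedEth[faucetClaimer] && !sepEthDripsPaused) {
            // Assumed drip logic: pay only while the daily counter is under the cap.
            if (dailyDrips < DAILY_CAP) {
                hasClaimedEth[faucetClaimer] = true;
                dailyDrips += 1;
                ethPaidOut += 1;
            }
        } else if (resetInElse) {
            dailyDrips = 0; // the branch the finding flags
        }
    }
}

contract DripCapCheck {
    // Replays the three calls on a fresh model and returns drips paid that day.
    function run(bool resetInElse) public returns (uint256) {
        DripCapModel m = new DripCapModel(resetInElse);
        m.claim(address(0xA11CE)); // first-time claimer: paid, counter reaches the cap
        m.claim(address(0xA11CE)); // repeat claimer: takes the else branch
        m.claim(address(0xB0B));   // another first-time claimer on the same day
        return m.ethPaidOut();
    }

    // Invariant under test: drips paid in one day never exceed DAILY_CAP.
    // Holds only for the mitigated model; the reported one pays a second drip.
    function check() external returns (bool) {
        return run(true) > DripCapModel(address(0)).DAILY_CAP() == false
            ? false
            : run(false) <= 1;
    }
}
```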

Recommended Mitigation

Do not reset `dailyDrips` in the `else` branch. Remove the `else` block entirely:

- } else {
- dailyDrips = 0;
- }
+ // no dailyDrips reset here — dailyDrips only resets when day rolls over
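
Review bot: the comment on the added line says dailyDrips only resets when the day rolls over, but no rollover reset appears in this hunk, and once the else block is gone nothing visible here ever lowers the counter. The patch should include or point to that rollover reset so the claim in the comment can be checked. A regression test in which a repeat claimer calls between two first-time claims, asserting dailyDrips is unchanged afterwards, would pin the fix down.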
