Raisebox Faucet

First Flight #50

Beginner FriendlySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Incorrect burn logic

sharonilukhor

Description

The burnFaucetTokens() function implements an unsafe and illogical burn mechanism. Instead of burning tokens directly from the contract’s balance, it first transfers the entire token balance of the faucet to the owner’s address and then burns only the specified amountToBurn. This means the owner receives all the faucet tokens, potentially allowing them to keep or misuse any remaining tokens instead of burning them, leading to a loss of transparency and possible misuse of faucet funds.

Risk:

High — This vulnerability allows the contract owner to unintentionally or deliberately withdraw all faucet tokens under the guise of burning, effectively draining the faucet and preventing users from claiming tokens as intended.

Likelihood:

The issue will occur whenever the burnFaucetTokens() function is called, and since it’s an onlyOwner function, it depends on the owner’s actions. However, if triggered, it directly compromises the faucet’s purpose and token supply integrity.

Proof of Concept

// problematic lines inside burnFaucetTokens

_transfer(address(this), msg.sender, balanceOf(address(this)));

_burn(msg.sender, amountToBurn);

Recommended Mitigation

- function burnFaucetTokens(uint256 amountToBurn) public onlyOwner {

require(amountToBurn <= balanceOf(address(this)), "Faucet Token Balance: Insufficient");

// ❌ Vulnerable: transfers all faucet tokens to the owner

_transfer(address(this), msg.sender, balanceOf(address(this)));

// ❌ Only burns a portion, leaving the rest with the owner

_burn(msg.sender, amountToBurn);

}

+ function burnFaucetTokens(uint256 amountToBurn) public onlyOwner {

require(amountToBurn > 0, "Invalid burn amount");

require(amountToBurn <= balanceOf(address(this)), "Faucet Token Balance: Insufficient");

// ✅ Burns tokens directly from the faucet contract balance

_burn(address(this), amountToBurn);

}

Updates

Lead Judging Commences

inallhonesty Lead Judge 3 days ago

Submission Judgement Published

Validated

Assigned finding tags:

Unnecessary and convoluted logic in burnFaucetTokens

Rewards breakdown

nSLOC

157

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.