Submission Details
Severity:
Off-by-one / inequality in balance check prior to transfer
Off-by-one / inequality in balance check prior to transfer
Description
In claimFaucetTokens() the code checks:
@> if (balanceOf(address(this)) <= faucetDrip) {
revert RaiseBoxFaucet_InsufficientContractBalance();
}
If the contract balance equals exactly faucetDrip, the check reverts (i.e., the function requires strictly greater than faucetDrip). Typically the desired check is to allow transfer when balance >= faucetDrip (i.e., revert when < faucetDrip). Using <= disallows the last token drip.
Impact: Users are prevented from claiming when the contract holds exactly one faucetDrip unit; reduces usability (small).
Risk
Likelihood: High (easy to happen)
Impact: Low (minor UX/logical)
Proof of Concept
If `balanceOf(address(this)) == faucetDrip`, `claimFaucetTokens()` will revert with `InsufficientContractBalance()`.
Recommended Mitigation
Use < rather than <=:
- if (balanceOf(address(this)) <= faucetDrip) {
- revert RaiseBoxFaucet_InsufficientContractBalance();
- }
+ if (balanceOf(address(this)) < faucetDrip) {
+ revert RaiseBoxFaucet_InsufficientContractBalance();
+ }
Updates
Lead Judging Commences
inallhonesty 15 days ago
Submission Judgement Published Assigned finding tags:
Off-by-one error in `claimFaucetTokens` prevents claiming when the balance is exactly equal to faucetDrip
Rewards breakdown
nSLOC
157This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.