Raisebox Faucet

First Flight #50
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: low
Valid

Business Logic : Minting logic and inequality flaws can lead to frequent balance revert

Description

The claimFaucetTokens function has this inequality at its start:

if (balanceOf(address(this)) <= faucetDrip) {
    revert RaiseBoxFaucet_InsufficientContractBalance();
}

This means that the function reverts even if there is sufficient balance for one more drip.

The mintFaucetTokens function doesn't help, because of this statement:

if (balanceOf(address(to)) > 1000 * 10 ** 18) {
    revert RaiseBoxFaucet_FaucetNotOutOfTokens();
}

The balance check is set so that when the balance of the protocol is above 1000 * 10 ** 18 (= 1 faucetDrip), the owner can't mint new tokens.
This means the owner is obliged to wait until only the last possible drip remains before replenishing the protocol.

Risk

If the owner has to wait until only the last possible drip remains before minting new tokens, he/she will have to manually check the protocol's token balance until that point before calling the minting function, while many users can call claimFaucetTokens within a relatively short time.
As a result, the RaiseBoxFaucet_InsufficientContractBalance() revert can happen frequently.

Proof of Concept

See the following scenario:

  1. balanceOf(address(this)) == 4000 * 10 ** 18.

  2. 2 users call claimFaucetTokens within a relatively short time.

  3. balanceOf(address(this)) == 2000 * 10 ** 18.

  4. The owner can't call mintFaucetTokens, because the balance is still above the limit in if (balanceOf(address(to)) > 1000 * 10 ** 18).

  5. 2 users call claimFaucetTokens within a relatively short time.

  6. The last user's call reverts with RaiseBoxFaucet_InsufficientContractBalance() because of this check in claimFaucetTokens:
    if (balanceOf(address(this)) <= faucetDrip)
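
The scenario above replayed against a small Python model of the two checks, before and after the recommended mitigation. This is an added example, not the contract's or the submitter's code; FaucetModel, run_scenario, drips_served and the 4000-token refill amount are constructed for illustration, and cooldowns, daily limits and access control are left out.

```python
from dataclasses import dataclass

UNIT = 10 ** 18
FAUCET_DRIP = 1000 * UNIT      # drip size used in the finding's scenario
MINT_THRESHOLD = 1000 * UNIT   # literal from the mintFaucetTokens check

class Revert(Exception):
    """Stands in for a Solidity custom-error revert."""

@dataclass
class FaucetModel:             # hypothetical model, not the real contract
    balance: int
    patched: bool = False      # True applies the recommended mitigation

    def claim(self) -> None:
        # Original reverts on balance <= drip, patched on balance < drip.
        floor = FAUCET_DRIP - 1 if self.patched else FAUCET_DRIP
        if self.balance <= floor:
            raise Revert("RaiseBoxFaucet_InsufficientContractBalance")
        self.balance -= FAUCET_DRIP

    def mint(self, amount: int) -> None:
        # Original blocks the owner while balance is above the threshold.
        if not self.patched and self.balance > MINT_THRESHOLD:
            raise Revert("RaiseBoxFaucet_FaucetNotOutOfTokens")
        self.balance += amount

def run_scenario(patched: bool) -> list:
    """Replay the PoC: 4000 tokens, 2 claims, a mint attempt, 2 more claims."""
    faucet, log = FaucetModel(4000 * UNIT, patched), []
    for name in ("claim", "claim", "mint", "claim", "claim"):
        try:
            if name == "mint":
                faucet.mint(4000 * UNIT)   # constructed refill amount
            else:
                faucet.claim()
            log.append(f"{name}:ok")
        except Revert as err:
            log.append(f"{name}:{err}")
    return log + [f"balance:{faucet.balance // UNIT}"]

def drips_served(start: int, patched: bool) -> int:
    """Count claims that succeed before the faucet reverts, with no refill."""
    faucet, served = FaucetModel(start, patched), 0
    while True:
        try:
            faucet.claim()
        except Revert:
            return served
        served += 1
```

Without a refill, the unpatched model serves 3 of the 4 funded drips and strands the last one, while the patched model serves all 4.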

Recommended Mitigation

The recommended mitigation is to remove the balance check in mintFaucetTokens and use a strict inequality in claimFaucetTokens.

function mintFaucetTokens(address to, uint256 amount) public onlyOwner {
if (to != address(this)) {
revert RaiseBoxFaucet_MiningToNonContractAddressFailed();
}
- if (balanceOf(address(to)) > 1000 * 10 ** 18) {
- revert RaiseBoxFaucet_FaucetNotOutOfTokens();
- }
_mint(to, amount);
emit MintedNewFaucetTokens(to, amount);
}
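
Review bot: Deleting the balance guard in mintFaucetTokens leaves RaiseBoxFaucet_FaucetNotOutOfTokens with no use in the lines shown, so its declaration should be removed in the same change if nothing else references it. With the guard gone the owner can mint any amount at any balance; if a cap on the faucet's holdings was intended, raise the threshold to several drips instead of deleting the check, and add a test that mints while the balance is above 1000 * 10 ** 18.
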
function claimFaucetTokens() public {
...
- if (balanceOf(address(this)) <= faucetDrip)
+ if (balanceOf(address(this)) < faucetDrip) {
revert RaiseBoxFaucet_InsufficientContractBalance();
}
...
}
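
Review bot: The removed line `if (balanceOf(address(this)) <= faucetDrip)` in claimFaucetTokens has no opening brace while the added line does, so it does not match the source line quoted in the Description and the braces only balance if the ` {` is restored on the removed line. The switch to `<` lets a balance equal to faucetDrip serve one final claim; add boundary tests at exactly faucetDrip and at faucetDrip - 1 to pin that behaviour.
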
Updates

Lead Judging Commences

inallhonesty Lead Judge 7 days ago
Submission Judgement Published
Validated
Assigned finding tags:

mintFaucetTokens is unusable due to logic/design mismatch with initial supply
