Raisebox Faucet
First Flight #50
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: low
Valid

Claimers cannot claim when Faucet balance is just enough

mkozhuharov

Root + Impact / Claimers cannot claim when Faucet balance is just enough

Description

  • When there is sufficient Faucet Token balance for at least one claim, users should be able to claim and reduce the faucet balance to zero.

  • In the RaiseBoxFaucet.sol::claimFaucetTokens function, the balance check uses a less-than-or-equal comparison (<=) against faucetDrip. As a result, when the remaining balance is exactly equal to the faucetDrip amount, users are unable to claim - even though there is enough balance for one final claim.

@> if (balanceOf(address(this)) <= faucetDrip) {
revert RaiseBoxFaucet_InsufficientContractBalance();
}

Risk

Likelihood:

  • The issue occurs each time the Faucet Token balance is exactly equal to the faucetDrip value.

Impact:

  • Users are prevented from claiming tokens despite there being enough balance for one more claim. This causes the faucet to become partially unusable and leaves residual tokens locked in the contract.

Proof of Concept

Add the following test to RaiseBoxFaucet.t.sol to reproduce the issue:

function test_audit_claimersCannotClaimWhenFaucetBalanceIsJustEnough()
public
{
vm.startPrank(owner);
raiseBoxFaucet.burnFaucetTokens(INITIAL_SUPPLY_MINTED);
raiseBoxFaucet.mintFaucetTokens(
address(raiseBoxFaucet),
raiseBoxFaucet.faucetDrip()
);
vm.stopPrank();
// Make sure we have enough balance for 1 more Faucet drip
assertEq(
raiseBoxFaucet.getFaucetTotalSupply(),
raiseBoxFaucet.faucetDrip()
);
vm.prank(user1);
vm.expectRevert(
RaiseBoxFaucet.RaiseBoxFaucet_InsufficientContractBalance.selector
);
raiseBoxFaucet.claimFaucetTokens();
}

Recommended Mitigation

Use a strict less-than comparison (<) instead of less-than-or-equal (<=) when checking the faucet balance.

- if (balanceOf(address(this)) <= faucetDrip) {
+ if (balanceOf(address(this)) < faucetDrip) {
revert RaiseBoxFaucet_InsufficientContractBalance();
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 5 days ago
Submission Judgement Published
Validated
Assigned finding tags:

Off-by-one error in `claimFaucetTokens` prevents claiming when the balance is exactly equal to faucetDrip

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.