BriVault

First Flight #52
Beginner Friendly, Solidity
100 EXP
Submission Details
Impact: medium
Likelihood: high
Invalid

`cancelParticipation` does not check whether the caller is a participant.

Root + Impact

Description

In `BriVault::cancelParticipation`, the expected behaviour is that a user who is a participant can cancel their participation in the betting vault before `eventStartDate` commences, which gives participants room to retrieve the assets they staked in order to participate. However, `cancelParticipation` does not check whether the address calling the function is a participant in the pool.

```solidity
// Root cause in the codebase with @> marks to highlight the relevant section
if (block.timestamp >= eventStartDate) {
    revert eventStarted();
}
// @> the caller's stake is read without first checking that the caller is a participant
uint256 refundAmount = stakedAsset[msg.sender];
```

Risk

This allows anyone to withdraw from the pool, or even destabilizes the whole system by preventing users from cancelling their participation, amounting to a denial of service.

Proof of Concept

Recommended Mitigation

- remove this code

```solidity
if (block.timestamp >= eventStartDate) {
    revert eventStarted();
}
uint256 refundAmount = stakedAsset[msg.sender];
```

+ add this code

```solidity
if (block.timestamp >= eventStartDate) {
    revert eventStarted();
}
// usersAddress is the submitter's placeholder for "the address of a participant"
if (msg.sender != usersAddress) {
    revert notStaked();
}
```
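To make the missing check described above and the recommended mitigation concrete, here is a minimal self-contained contract. It is an added illustration and not the BriVault project's code: only the identifiers that appear in this submission (`cancelParticipation`, `stakedAsset`, `eventStartDate`, `eventStarted`, `notStaked`) are taken from the page; the ERC-20 asset handling, the `participate` entry point, the `participantCount` bookkeeping and the event name are assumptions made for the demo. The participant check is expressed as "the caller has a non-zero stake", which is how a per-address mapping lets the contract tell a participant from any other address.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the BriVault project's code. Names taken from the
// submission: cancelParticipation, stakedAsset, eventStartDate, eventStarted,
// notStaked. Everything else (asset, participate, participantCount, the event)
// is assumed for the demo.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract ParticipantCheckDemo {
    error eventStarted();
    error notStaked();

    IERC20 public immutable asset;          // assumed: the staked ERC-20 token
    uint256 public immutable eventStartDate;
    mapping(address => uint256) public stakedAsset;
    uint256 public participantCount;        // assumed bookkeeping

    event ParticipationCancelled(address indexed user, uint256 refund);

    constructor(IERC20 _asset, uint256 _eventStartDate) {
        asset = _asset;
        eventStartDate = _eventStartDate;
    }

    // Assumed entry point so that stakedAsset[msg.sender] can become non-zero.
    function participate(uint256 amount) external {
        if (block.timestamp >= eventStartDate) revert eventStarted();
        if (amount == 0) revert notStaked();
        if (stakedAsset[msg.sender] == 0) participantCount += 1;
        stakedAsset[msg.sender] += amount;
        require(asset.transferFrom(msg.sender, address(this), amount), "transfer failed");
    }

    // Hardened version of the function discussed in the submission.
    function cancelParticipation() external {
        if (block.timestamp >= eventStartDate) revert eventStarted();

        uint256 refundAmount = stakedAsset[msg.sender];
        // The participant check the submission asks for: an address that never
        // staked reads as zero in the mapping and is rejected explicitly instead
        // of the function continuing with refundAmount == 0.
        if (refundAmount == 0) revert notStaked();

        // Clear state before the external call (checks-effects-interactions).
        stakedAsset[msg.sender] = 0;
        participantCount -= 1;

        emit ParticipationCancelled(msg.sender, refundAmount);
        require(asset.transfer(msg.sender, refundAmount), "transfer failed");
    }
}
```

A unit test for this pattern has two cases: calling `cancelParticipation` from an address that never called `participate` must revert with `notStaked`, and calling it from a participant before `eventStartDate` must return exactly the staked amount and leave `stakedAsset` for that address at zero, so a second call also reverts with `notStaked`.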
Updates

Appeal created

bube Lead Judge 20 days ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
