BriVault

First Flight #52
Beginner Friendly, Solidity
100 EXP
Submission Details
Impact: high
Likelihood: high
Invalid

Incorrect Time Validation in `_setFinallizedVaultBalance()`

Description:

The `_setFinallizedVaultBalance()` function contains a critical logic error. It checks if `block.timestamp <= eventStartDate` and reverts with `eventNotStarted()`, when it should actually verify that the event has ended (i.e., `block.timestamp > eventEndDate` or at minimum `block.timestamp > eventStartDate`).

This function is called from `setWinner()`, which already correctly checks that `block.timestamp > eventEndDate`. However, the internal check uses the wrong comparison, making the function unusable if the event start date is in the past (which it always will be when setting the winner).

Impact:

  • The `setWinner()` function will always fail if `eventStartDate` has passed

  • Winners cannot be determined and users cannot withdraw their funds

  • All funds become permanently locked in the contract

  • Complete denial of service for the core functionality

Proof of Concept:

```solidity
function testCannotSetWinnerDueToWrongTimeCheck() public {
    // Setup
    uint256 depositAmount = 10000 * 10**18;
    vm.startPrank(attacker);
    asset.approve(address(vault), depositAmount);
    vault.deposit(depositAmount, attacker);
    vault.joinEvent(0);
    vm.stopPrank();

    // Fast forward past event end date
    vm.warp(block.timestamp + 31 days);

    // Try to set winner - this will fail due to the bug
    vm.expectRevert(BriVault.eventNotStarted.selector);
    vault.setWinner(0);
    // Winner cannot be set, funds are locked forever
}
```

Mitigation:

function _setFinallizedVaultBalance () internal returns (uint256) {
- if (block.timestamp <= eventStartDate) {
+ if (block.timestamp <= eventEndDate) {
revert eventNotStarted();
}
// ... rest of the code
}
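
Review bot: The removed condition `if (block.timestamp <= eventStartDate)` only reverts while the event has not yet started, so once `block.timestamp` is past `eventStartDate` the check passes and does not block the call; nothing in this hunk shows a path on which it would revert after the event has ended. With the replacement `if (block.timestamp <= eventEndDate)`, the branch still raises `eventNotStarted()`, which no longer describes the condition being tested; if the stricter bound is wanted, pair it with an error that names the event-not-ended case. Per the description above, `setWinner()` already requires `block.timestamp > eventEndDate` before calling this function, so the new comparison would repeat that guard rather than add one.
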
Updates

Appeal created

bube Lead Judge 21 days ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
