Vanguard
First Flight #56
Beginner FriendlyDeFiFoundry
100 EXP
View results
Previous Next
Submission Details
Impact: medium
Likelihood: high
Invalid

Phase State Stored Redundantly

shakah

The current phase is derived from multiple states which can cause the phase logic to drift from reality.

Description

  • Phase determination should be derived deterministically from launchStartBlock and block number.

  • The contract stores currentPhase in state while also recomputing phase dynamically. This introduces the risk of phase drift if state updates fail or are skipped, increasing audit and reasoning complexity.

uint256 public currentPhase;
// @> Phase is also recomputed dynamically via block.number
function getCurrentPhase() public view returns (uint256) {
if (launchStartBlock == 0) return 0;
uint256 blocksSinceLaunch = block.number - launchStartBlock;
if (blocksSinceLaunch < phase1Duration) {
return 1;
} else if (blocksSinceLaunch < phase1Duration + phase2Duration) {
return 2;
} else {
return 3;
}
}

Risk

Likelihood:

  • Occurs during phase transitions

  • Becomes more likely as logic complexity increases

Impact:

  • Inconsistent phase reporting

  • Harder to reason about protocol behavior

Proof of Concept

  1. Phase is recomputed via getCurrentPhase()

  2. Stored currentPhase differs due to missed update

  3. View functions and swap logic diverge

Updates

Lead Judging Commences

chaossr Lead Judge
17 days ago

Appeal created

chaossr Lead Judge 17 days ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!