SNARKeling Treasure Hunt

First Flight #59

Beginner FriendlyGameFiFoundry

100 EXP

View all submissions

Previous Next

Submission Details

Impact: medium

Likelihood: high

Duplicate Hash Constants in Noir Circuit Leads to Permanent Fund Lock.

Author Revealed upon completion

Root + Impact

Description

Root Cause

The Noir circuit in main.nr contains duplicate entries in the ALLOWED_TREASURE_HASHES array (indices 8 and 9 share the same hash value). This creates a deadlock where only 9 unique treasures can be claimed, permanently locking funds.

// Baked-in set of 10 allowed treasure hashes (pedersen hashes).

global ALLOWED_TREASURE_HASHES: [Field; 10] = [

1505662313093145631275418581390771847921541863527840230091007112166041775502,

-7876059170207639417138377068663245559360606207000570753582208706879316183353,

-5602859741022561807370900516277986970516538128871954257532197637239594541050,

2256689276847399345359792277406644462014723416398290212952821205940959307205,

10311210168613568792124008431580767227982446451742366771285792060556636004770,

-5697637861416433807484703347699404695743570043365849280798663758395067508,

-2009295789879562882359281321158573810642695913475210803991480097462832104806,

8931814952839857299896840311953754931787080333405300398787637512717059406908,

//@> -961435057317293580094826482786572873533235701183329831124091847635547871092,

//@> -961435057317293580094826482786572873533235701183329831124091847635547871092

];

Risk

Likelihood: High

Impact: High

Protocol Deadlock: The duplicate hash in Noir ensures the hunt can never be "completed" (9/10), which permanently bricks the withdraw() function for the owner, locking any remaining funds forever.

Proof of Concept

This PoC demonstrates the Protocol Deadlock where duplicate hashes in the Noir circuit prevent reaching the 10th claim.

Permanent Fund Lock (Duplicate Logic):

function test_LockedFundsDueToDuplicateHash() public {

(bytes memory proof, bytes32 treasureHash, address payable recipient) = _loadFixture();

vm.prank(participant);

hunt.claim(proof, treasureHash, recipient);

assertTrue(hunt.claimed(treasureHash));

assertEq(hunt.claimsCount(), 1);

vm.prank(participant);

vm.expectRevert(abi.encodeWithSelector(TreasureHunt.AlreadyClaimed.selector, treasureHash));

hunt.claim(proof, treasureHash, recipient);

vm.prank(owner);

vm.expectRevert("HUNT_NOT_OVER");

hunt.withdraw();

assertGe(address(hunt).balance, 10 ether);

}

Recommended Mitigation

The fix requires a two-step approach to restore both security and functionality.

Noir Fix: Replace the duplicate hash at index 9 in ALLOWED_TREASURE_HASHES with a unique Pedersen hash. This ensures all 10 allowed hashes are distinct and allows the hunt to complete.

Rewards breakdown

nSLOC

220

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!