MyCut

AI First Flight #8

Beginner FriendlyFoundry

EXP

View results

Previous Next

Submission Details

Impact: low

Likelihood: high

Invalid

Unvalid Index

lemrabetmoctar1

Their is no check if teh index exist, Can't find the contest

Description

Their should be a check if The index == contest.length
The parameter Index should be equal to the contest.length so if we put a wrong index it will revert so their is no check if it's exist

function fundContest(uint256 index) public onlyOwner {

//@> Pot pot = Pot(contests[index]); //@audit-issue: their is no check if the index is valid

IERC20 token = pot.getToken();

uint256 totalRewards = contestToTotalRewards[address(pot)];

if (token.balanceOf(msg.sender) < totalRewards) {

revert ContestManager__InsufficientFunds();

}

token.transferFrom(msg.sender, address(pot), totalRewards);

}

Risk

Likelihood:

Everytime the amdin/manager call the fundcontest he can enter a wrong Index

Impact:

The whole function will revert the admin/manager can't fund teh contest

Proof of Concept

This is the senario that will lead to the revert in the fundcontest function

1- admin create a contest

2- call the fundContest

3- enter a wrong Index

4- the whole function will revert

Recommended Mitigation

adding check that the index == contest.length to avoid entering a wrong index

+ if (index >= contests.length) {

+ revert ContestManager__InvalidIndex();

+ }

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 4 hours ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!