Puppy Raffle

AI First Flight #1
Beginner Friendly, Foundry, Solidity, NFT
Submission Details
Impact: low
Likelihood: low
Invalid

`enterRaffle()` allows an empty `newPlayers` array.

Root + Impact

Description

  • If `newPlayers.length == 0`, the check becomes `require(msg.value == 0)` and the function emits `RaffleEnter(newPlayers)` without adding players.

Risk

Likelihood:

  • When someone calls `PuppyRaffle::enterRaffle` with an empty addresses array.

Impact:

  • Users can spam events cheaply and downstream indexers/UIs might treat this as a valid raffle entry.

Proof of Concept

Place the following test into `PuppyRaffleTest.t.sol`.
```solidity
function test_enterRaffle_allowsEmptyArrayAndZeroValue() public {
    PuppyRaffle raffle = new PuppyRaffle(1 ether, address(123), 0);
    address[] memory empty = new address[](0);
    // With an empty array, msg.value == entranceFee * 0 == 0
    // This call succeeds but does not add any players.
    raffle.enterRaffle{value: 0}(empty);
}
```

Recommended Mitigation

Add a non-empty check.
```diff
function enterRaffle(address[] memory newPlayers) public payable {
+ require(newPlayers.length > 0, "PuppyRaffle: newPlayers array must not be empty");
require(msg.value == entranceFee * newPlayers.length, "PuppyRaffle: Must send enough to enter raffle");
for (uint256 i = 0; i < newPlayers.length; i++) {
players.push(newPlayers[i]);
}
}
```
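Review bot: The new `require(newPlayers.length > 0, ...)` on the `+` line ships without a test that pins it down. Add a Foundry test that calls `enterRaffle` with an empty array and uses `vm.expectRevert` with the exact revert message, so the guard cannot be dropped silently later. The context lines here also show no `emit RaffleEnter(newPlayers)`, although the description relies on that emit; include the full function body so the position of the guard relative to every later statement can be checked.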
Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge 2 days ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
