Dead Internal Function _isActivePlayer Is Never Called, Increasing Audit Surface and Deployment Cost
Severity: Low
Description
_isActivePlayer is declared as an internal function but is never referenced anywhere in the contract. It performs the same player-lookup logic already
duplicated inline in other functions, yet it sits in the bytecode unused.
Dead code increases the contract's deployed bytecode size (raising deployment gas), misleads auditors into thinking the function is load-bearing, and may mask
the fact that its logic is not being applied where it should be.
@>  function _isActivePlayer() internal view returns (bool) {
        for (uint256 i = 0; i < players.length; i++) {
            if (players[i] == msg.sender) {
                return true;
            }
        }
        return false;
    }
Risk
Likelihood:
Present in every deployment — no external trigger required
The function is silently ignored by the compiler with no warning
Impact:
No direct funds-at-risk, but dead code inflates bytecode and increases deployment cost
Auditors and integrators may spend time tracing a function that has no effect, reducing audit efficiency
If the function was intended as an access guard (e.g. for refund), its absence means that guard is simply missing
Proof of Concept
A simple grep confirms there are zero call sites for _isActivePlayer in the entire codebase; the only match is the declaration itself.
grep -n "_isActivePlayer" src/PuppyRaffle.sol
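A repeatable form of the grep check above, added here as an example and not part of the original finding: a small Python script that flags internal or private functions whose only occurrence in the source is their own declaration. The embedded contract is a constructed sample, not the PuppyRaffle source.

```python
import re

# Constructed sample contract for demonstration (not the audited PuppyRaffle
# source): one internal helper is never called, another is used by refund().
SAMPLE_CONTRACT = """
contract Sample {
    address[] public players;
    function refund(uint256 playerIndex) public {
        require(_indexOf(msg.sender) == playerIndex, "not your slot");
        players[playerIndex] = address(0);
    }
    function _isActivePlayer() internal view returns (bool) {
        for (uint256 i = 0; i < players.length; i++) {
            if (players[i] == msg.sender) { return true; }
        }
        return false;
    }
    function _indexOf(address who) internal view returns (uint256) {
        for (uint256 i = 0; i < players.length; i++) {
            if (players[i] == who) { return i; }
        }
        revert("not a player");
    }
}
"""

# Declaration: name, parameter list, then everything up to the body or ';'
# (visibility, mutability, modifiers, returns clause).
DECL_RE = re.compile(r"\bfunction\s+(\w+)\s*\([^)]*\)([^{;]*)")

def strip_comments(src: str) -> str:
    """Drop block and line comments so a mention in a comment is not a 'call'."""
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.S)
    return re.sub(r"//[^\n]*", "", src)

def find_dead_internal_functions(src: str) -> list:
    """Return internal/private function names whose only occurrence is their declaration."""
    code = strip_comments(src)
    dead = []
    for m in DECL_RE.finditer(code):
        name, header = m.group(1), m.group(2)
        if not re.search(r"\b(internal|private)\b", header):
            continue  # public/external functions are entry points, not dead code
        mentions = len(re.findall(r"\b" + re.escape(name) + r"\s*\(", code))
        decls = len(re.findall(r"\bfunction\s+" + re.escape(name) + r"\s*\(", code))
        if mentions - decls == 0:
            dead.append(name)
    return dead
```

Running `find_dead_internal_functions(open("src/PuppyRaffle.sol").read())` against the real contract reproduces the grep result; a mention inside a comment does not count as a call.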
Recommended Mitigation
Remove the dead function entirely. If it was intended to guard refund or another entry point, wire it in explicitly rather than leaving it unused.
-   function _isActivePlayer() internal view returns (bool) {
-       for (uint256 i = 0; i < players.length; i++) {
-           if (players[i] == msg.sender) {
-               return true;
-           }
-       }
-       return false;
-   }