Rust Fund

AI First Flight #9

Beginner FriendlyRust

EXP

View results

Previous Next

Submission Details

Impact: low

Likelihood: low

Invalid

[L-01] `contribute()` accepts zero-amount contributions, wasting contributor rent

webrainsec

Description

contribute() has no minimum amount check. A call with amount = 0 executes a 0-lamport CPI transfer and initializes a Contribution PDA (the contributor pays ~0.002 SOL rent for account creation). No protocol-level damage, but wastes contributor rent on an empty record.

Vulnerability Details

// lib.rs:25

pub fn contribute(ctx: Context<FundContribute>, amount: u64) -> Result<()> {

// @> No check: amount > 0

// ...

system_program::transfer(cpi_context, amount)?; // transfers 0 lamports

fund.amount_raised += amount; // adds 0

Ok(())

}

Proof of Concept

// 1. Bob calls contribute(0) on any active fund

// 2. Anchor's init_if_needed creates a Contribution PDA

// Bob pays ~0.002 SOL rent for account creation

// 3. system_program::transfer executes with amount = 0 (no-op)

// 4. fund.amount_raised += 0 (no change)

// 5. Bob spent ~0.002 SOL rent for a useless empty contribution record

Recommendations

pub fn contribute(ctx: Context<FundContribute>, amount: u64) -> Result<()> {

+ require!(amount > 0, ErrorCode::ZeroAmount);

let fund = &mut ctx.accounts.fund;

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 5 hours ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!