Santa's List

AI First Flight #3

Beginner FriendlyFoundry

EXP

View results

Previous Next

Submission Details

Impact: high

Likelihood: high

Invalid

`SantasList::checkTwice` function do not function as intended, it could not set user to a new status, which cause user stuck with their `s_theListCheckedOnce` status

hmpippo

`SantasList::checkTwice` function do not function as intended, it could not set user to a new status, which cause user stuck with their `s_theListCheckedOnce` status

Description

SantasList::checkTwice function should able to changes an address to a new Status! But now if santa makes a mistake on the first check, they can never fix it and the person will be stuck with that status. This is especially bad if they are marked as naughty by mistake.

@> function checkTwice(address person, Status status) external onlySanta {

@> if (s_theListCheckedOnce[person] != status) {

revert SantasList__SecondCheckDoesntMatchFirst();

}

s_theListCheckedTwice[person] = status;

emit CheckedTwice(person, status);

}

Risk

Likelihood: High

Every time Santa try to set a different status as first time, this SantasList::checkTwice function will revert.

Impact: High

SantasList::checkTwice function should able to changes an address to a new Status! But now if santa makes a mistake on the first check, they can never fix it and the person will be stuck with that status. This is especially bad if they are marked as naughty by mistake.

Proof of Concept

Santa set user to NAUGHTY
Santa set user to NICE
Check SantasList::checkTwice function will revert

function testCantCheckTwiceDifferentStatus() public {

vm.startPrank(santa);

santasList.checkList(user, SantasList.Status.NAUGHTY);

vm.expectRevert();

santasList.checkTwice(user, SantasList.Status.NICE);

vm.stopPrank();

}

Recommended Mitigation

Remove the check and revert code of first time status.

function checkTwice(address person, Status status) external onlySanta {

- if (s_theListCheckedOnce[person] != status) {

- revert SantasList__SecondCheckDoesntMatchFirst();

- }

s_theListCheckedTwice[person] = status;

emit CheckedTwice(person, status);

}

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 23 hours ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!

Santa's List

`SantasList::checkTwice` function do not function as intended, it could not set user to a new status, which cause user stuck with their `s_theListCheckedOnce` status

SantasList::checkTwice function do not function as intended, it could not set user to a new status, which cause user stuck with their s_theListCheckedOnce status

Description

Risk

Proof of Concept

Recommended Mitigation

Lead Judging Commences

Rewards breakdown

Live

Judging

Rewards Distribution

FAQs

`SantasList::checkTwice` function do not function as intended, it could not set user to a new status, which cause user stuck with their `s_theListCheckedOnce` status