Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
code423n4Code4renaCODE423N4:2023-01-RABBITHOLE-FINDINGS-ISSUES-649
HistoryJan 30, 2023 - 12:00 a.m.

Immutable varibles should be checked to there default values

2023-01-3000:00:00
Code4rena
github.com
4
immutable variables
default values
wasted quest creation
zero rewards
JSON

Lines of code
<https://github.com/rabbitholegg/quest-protocol/blob/8c4c1f71221570b14a0479c216583342bd652d8d/contracts/Quest.sol#L17-L18&gt;
<https://github.com/rabbitholegg/quest-protocol/blob/8c4c1f71221570b14a0479c216583342bd652d8d/contracts/Quest.sol#L13&gt;

Vulnerability details

Impact

 It is very important to check whether the immutable variables are not equal to the default values because if  Quest is created and when we pass a 
 default value to a variable then it can't be changed and it can lead to a problem.

Proof of Concept

  Suppose while creating quests we have passed the total participants equal to 0 then  creating this quest is actually wasted because no one can mint 
  an NFT and claim the reward and also with the rewardAmountInWeiOrTokenId if it passed 0 even if they are claimers then the rewards will be 0 only.

Tools Used

  Pen and Paper

Recommended Mitigation Steps

  Always have the immutable variables check whether they are not equal to their default value.

The text was updated successfully, but these errors were encountered:

All reactions

JSON