if (request.drawTimelock >= block.timestamp) {
    revert TOO_SOON_TO_REDRAW();
}
This check is present to control when you can call redraw.
If the response time from Chainlink is longer than request.drawTimelock, there is no need to call redraw, as it is just a waste of gas. You just need to wait; maybe the Chainlink subscription is not funded.
Tools Used
VsCode
Recommended Mitigation Steps
Use a check like this:
if (request.drawTimelock >= block.timestamp || !request.hasChosenRandomNumber) {
    revert TOO_SOON_TO_REDRAW();
}
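The two checks above, compared in a small Python model. This is an added example, not code from the contest repository. It assumes that the timelock is set when a request is sent and that redraw replaces the pending request with a new one; the TIMELOCK value and all class and function names are hypothetical.

```python
"""Model of the redraw guard (constructed example, not the contract's code)."""
from dataclasses import dataclass

class TooSoonToRedraw(Exception):
    """Stands in for the TOO_SOON_TO_REDRAW() revert."""

@dataclass
class Request:
    # Field names mirror the snippets on this page.
    draw_timelock: int = 0
    has_chosen_random_number: bool = False

class DrawModel:
    TIMELOCK = 3600  # assumed lock length in seconds, not taken from the contract

    def __init__(self, mitigated: bool):
        self.mitigated = mitigated
        self.request = Request()
        self.vrf_requests = 0  # every request costs gas and subscription funds

    def _request_roll(self, now: int) -> None:
        # Assumption: a roll replaces the request state and starts a new timelock.
        self.request = Request(draw_timelock=now + self.TIMELOCK)
        self.vrf_requests += 1

    def start_draw(self, now: int) -> None:
        self._request_roll(now)

    def fulfill(self) -> None:
        # Models the oracle callback delivering the random number.
        self.request.has_chosen_random_number = True

    def redraw(self, now: int) -> None:
        too_soon = self.request.draw_timelock >= now
        if self.mitigated:
            too_soon = too_soon or not self.request.has_chosen_random_number
        if too_soon:
            raise TooSoonToRedraw()
        self._request_roll(now)

def scenario(mitigated: bool, fulfilled: bool) -> int:
    """Draw at t=0, optionally fulfil, redraw after the timelock; return requests sent."""
    draw = DrawModel(mitigated)
    draw.start_draw(now=0)
    if fulfilled:
        draw.fulfill()
    try:
        draw.redraw(now=DrawModel.TIMELOCK + 1)
    except TooSoonToRedraw:
        pass
    return draw.vrf_requests
```

With the original check, an unanswered request followed by redraw produces a second request; with the recommended check, redraw reverts until the first answer has arrived.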
Lines of code
https://github.com/code-423n4/2022-12-forgeries/blob/main/src/VRFNFTRandomDraw.sol#L204-L206
Vulnerability details
Impact
If a request was sent but the result was not received, it should not be possible to call the redraw function.
Proof of Concept
The redraw function is created to ask for a new random number from Chainlink in case the user hasn't claimed the NFT. https://github.com/code-423n4/2022-12-forgeries/blob/main/src/VRFNFTRandomDraw.sol#L204-L206