code-423n4 / 2023-08-pooltogether-mitigation-findings


M-24 MitigationConfirmed #63

Open code423n4 opened 12 months ago

code423n4 commented 12 months ago

Lines of code

Vulnerability details

Issue mitigated

About the problem

Claimer.claimPrizes can be front-run to make the whole tx revert if anyone just claims at least 1 prize from the list that the bot is going to claim.

Solution

This issue is fixed now. If a prize was already claimed, then 0 is returned. This is tracked inside Claimer.claimPrizes. If 0 is returned as the claimed amount, then this prize is considered already claimed, so the bot will not receive a fee for it. As a result, even if the bot is going to claim a prize that was already claimed, the tx will not revert and the other prizes will be claimed.

c4-judge commented 11 months ago

Picodes marked the issue as satisfactory

c4-judge commented 11 months ago

Picodes marked the issue as confirmed for report
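
The behaviour described under "Solution" above, as an added Python model that is not part of the original thread and is not PoolTogether's contract code. The class and function names, the flat per-claim fee and the sample winners are assumptions made for illustration; an exception stands in for an on-chain revert.

```python
class AlreadyClaimed(Exception):
    """Stands in for an on-chain revert (hypothetical name)."""

class PrizePool:
    """Toy prize ledger; revert_on_duplicate selects pre- or post-mitigation behaviour."""
    def __init__(self, prize_size, revert_on_duplicate):
        self.prize_size = prize_size
        self.revert_on_duplicate = revert_on_duplicate
        self.claimed = set()              # (winner, prize_index) pairs already paid

    def claim_prize(self, winner, index):
        """Return the amount paid out, or 0 if this prize was already claimed."""
        if (winner, index) in self.claimed:
            if self.revert_on_duplicate:  # behaviour before the mitigation
                raise AlreadyClaimed((winner, index))
            return 0                      # behaviour after the mitigation
        self.claimed.add((winner, index))
        return self.prize_size

def claim_prizes(pool, prizes, fee_per_claim):
    """Batch claim modelled as one transaction: a revert undoes every claim in it.

    Returns (prizes_claimed, total_fee). A fee accrues only for non-zero claims.
    """
    snapshot = set(pool.claimed)
    claimed_count = 0
    try:
        for winner, index in prizes:
            if pool.claim_prize(winner, index) != 0:
                claimed_count += 1
    except AlreadyClaimed:
        pool.claimed = snapshot           # the whole tx reverts
        raise
    return claimed_count, claimed_count * fee_per_claim

def run_scenario(revert_on_duplicate):
    """One prize from the bot's list is claimed by an earlier tx, then the batch runs."""
    pool = PrizePool(prize_size=100, revert_on_duplicate=revert_on_duplicate)
    batch = [("alice", 0), ("bob", 0), ("carol", 1)]   # constructed sample data
    pool.claim_prize("bob", 0)                          # earlier tx lands first
    try:
        return claim_prizes(pool, batch, fee_per_claim=5), len(pool.claimed)
    except AlreadyClaimed:
        return None, len(pool.claimed)
```

With `revert_on_duplicate=True` the batch fails and no prize from it is recorded; with `False` the two remaining prizes are claimed and the fee covers only those two.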