xyzseer
commented
1 month ago if the question already exists, it's reused here https://github.com/seer-pm/demo/blob/4e56254cbd071b6f678a108ccdb8660951636d27/contracts/src/MarketFactory.sol#L383
Open hats-bug-reporter[bot] opened 1 month ago
xyzseer
commented
1 month ago if the question already exists, it's reused here https://github.com/seer-pm/demo/blob/4e56254cbd071b6f678a108ccdb8660951636d27/contracts/src/MarketFactory.sol#L383
Github username: -- Twitter username: -- Submission hash (on-chain): 0x29383166d2d8f7f23359fbdc95549c3065b02aae72f3b1b30050a09761eb8dab Severity: medium
Description: Description:
As we can see in the RealityETH_v3_0 documentation: "/// @param nonce A user-specified nonce used in the question ID. Change it to repeat a question."
A nonce is used to allow the user to repeat the same question, but within the MarketFactory contract the nonce in the function
askRealityQuestionis hard-coded touint256(0)disabling this option.Attack Scenario:
The users can't repeat a question