Platform: Code4rena
Start Date: 20/09/2022
Pot Size: $100,000 USDC
Total HM: 4
Participants: 109
Period: 7 days
Judge: GalloDaSballo
Id: 163
League: ETH
Rank: 32/109
Findings: 2
Award: $525.56
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: zzykxx
Also found by: 8olidity, IllIllI, Lambda, berndartmueller, bytehat, devtooligan, hansfriese, imare, obront, philogy, shung, tonisives, zdhu, zkhorse
https://github.com/code-423n4/2022-09-artgobblers/blob/main/src/ArtGobblers.sol#L521-L567
If the provider stops working
requestRandomSeed() will set gobblerRevealsData.waitingForSeed to true.
Only the provider can call acceptRandomSeed(), which will set gobblerRevealsData.waitingForSeed to false.
```solidity
function acceptRandomSeed(bytes32, uint256 randomness) external {
    // The caller must be the randomness provider, revert in the case it's not.
    if (msg.sender != address(randProvider)) revert NotRandProvider();

    // The unchecked cast to uint64 is equivalent to moduloing the randomness by 2**64.
    gobblerRevealsData.randomSeed = uint64(randomness); // 64 bits of randomness is plenty.

    gobblerRevealsData.waitingForSeed = false; // We have the seed now, open up reveals.

    emit RandomnessFulfilled(randomness);
}
```
However, if for some reason the provider cannot call acceptRandomSeed(), we need to update the provider. But gobblerRevealsData.waitingForSeed == true, so we can't update it. Stuck in a loop.
```solidity
function upgradeRandProvider(RandProvider newRandProvider) external onlyOwner {
    // Revert if waiting for seed, so we don't interrupt requests in flight.
    if (gobblerRevealsData.waitingForSeed) revert SeedPending();

    randProvider = newRandProvider; // Update the randomness provider.

    emit RandProviderUpgraded(msg.sender, newRandProvider);
}
```
vscode
Add an emergency rescue function
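One possible shape for the emergency rescue function recommended above, as an added sketch that is not part of the original submission or the ArtGobblers code base. `SeedRescueSketch`, `RESCUE_DELAY`, `seedRequestedAt`, `RescueTooEarly`, `rescueRandProvider`, the provider method `requestRandomBytes` and the simplified owner handling are assumptions made for the example; the quoted `upgradeRandProvider` would stay as it is for the normal path.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Added sketch, not ArtGobblers code. RESCUE_DELAY, seedRequestedAt, RescueTooEarly,
// rescueRandProvider and requestRandomBytes are assumptions made for this example.
interface RandProvider {
    function requestRandomBytes() external returns (bytes32);
}

contract SeedRescueSketch {
    error NotOwner();
    error NotRandProvider();
    error SeedPending();
    error RescueTooEarly();

    event RandProviderUpgraded(address indexed user, RandProvider indexed newRandProvider);

    uint256 public constant RESCUE_DELAY = 7 days; // assumed grace period
    address public immutable owner;
    RandProvider public randProvider;
    uint64 public randomSeed;
    uint64 public seedRequestedAt; // time of the request still in flight
    bool public waitingForSeed;

    constructor(RandProvider provider) { owner = msg.sender; randProvider = provider; }

    modifier onlyOwner() { if (msg.sender != owner) revert NotOwner(); _; }

    function requestRandomSeed() external returns (bytes32) {
        if (waitingForSeed) revert SeedPending();
        waitingForSeed = true;
        seedRequestedAt = uint64(block.timestamp);
        return randProvider.requestRandomBytes();
    }

    function acceptRandomSeed(bytes32, uint256 randomness) external {
        if (msg.sender != address(randProvider)) revert NotRandProvider();
        randomSeed = uint64(randomness);
        waitingForSeed = false;
    }

    // Emergency path: usable only once a request has been pending for RESCUE_DELAY.
    function rescueRandProvider(RandProvider newRandProvider) external onlyOwner {
        if (!waitingForSeed || block.timestamp < seedRequestedAt + RESCUE_DELAY) revert RescueTooEarly();
        waitingForSeed = false; // abandon the stuck request; a late callback now fails the sender check
        randProvider = newRandProvider;
        emit RandProviderUpgraded(msg.sender, newRandProvider);
    }
}
```

The delay keeps the original guarantee that a healthy in-flight request is not interrupted, while bounding how long a dead provider can block the upgrade. Any per-request bookkeeping the real contract keeps would have to be rolled back in the same call.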
#0 - Shungy
2022-09-28T18:53:23Z
#1 - GalloDaSballo
2022-09-29T21:30:57Z
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0x4non, 0x52, 0x5rings, 0xNazgul, 0xRobocop, 0xSmartContract, 0xdeadbeef, 0xsanson, 8olidity, Amithuddar, Aymen0909, B2, B353N, CertoraInc, Ch_301, Chom, CodingNameKiki, Deivitto, ElKu, Funen, JC, JohnnyTime, Kresh, Lambda, Noah3o6, RaymondFam, ReyAdmirado, RockingMiles, Rolezn, Sm4rty, SuldaanBeegsi, Tadashi, TomJ, Tomio, V_B, Waze, __141345__, a12jmx, ak1, arcoun, asutorufos, aviggiano, berndartmueller, bharg4v, bin2chen, brgltd, bulej93, c3phas, catchup, cccz, ch0bu, cryptonue, cryptphi, csanuragjain, delfin454000, devtooligan, djxploit, durianSausage, eighty, erictee, exd0tpy, fatherOfBlocks, giovannidisiena, hansfriese, ignacio, joestakey, ladboy233, lukris02, m9800, malinariy, martin, minhtrng, obront, oyc_109, pedr02b2, pedroais, pfapostol, philogy, prasantgupta52, rbserver, ronnyx2017, rotcivegaf, rvierdiiev, sach1r0, shung, simon135, throttle, tnevler, tonisives, wagmi, yixxas, zkhorse, zzykxx, zzzitron
55.1985 USDC - $55.20
https://github.com/code-423n4/2022-09-artgobblers/blob/main/src/ArtGobblers.sol#L733
Authentication can be improved
```solidity
function gobble(
    uint256 gobblerId,
    address nft,
    uint256 id,
    bool isERC1155
) external {
    // Get the owner of the gobbler to feed.
    address owner = getGobblerData[gobblerId].owner;

    // The caller must own the gobbler they're feeding.
    if (owner != msg.sender) revert OwnerMismatch(owner);

    // ... rest of the function omitted in this excerpt
}
```
vscode
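```solidity
// Revert only when the caller is neither the owner, nor an approved operator,
// nor approved for this specific gobbler (conditions joined with &&, not ||).
if (
    owner != msg.sender &&
    !isApprovedForAll(owner, msg.sender) &&
    getApproved(gobblerId) != msg.sender
) revert OwnerMismatch(owner);
```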
#0 - csanuragjain
2022-09-28T12:27:47Z
Seems like duplicate of https://github.com/code-423n4/2022-09-artgobblers-findings/issues/298
#1 - GalloDaSballo
2022-09-29T23:00:18Z
#2 - GalloDaSballo
2022-10-08T23:58:44Z
R