Beitrag
Teile dein Wissen.
Does mitigation of DoS in Section 4 Lesson 15 work correctly?
I am currently working on Section 4 Lesson 15 and addressing the PuppyRaffle::enterRaffle function. I have identified a potential issue with the second recommended mitigation of DoS.
function enterRaffle(address[] memory newPlayers) public payable {
require(msg.value == entranceFee * newPlayers.length, 'PuppyRaffle: Must send enough to enter raffle');
for (uint256 i = 0; i < newPlayers.length; i++) {
players.push(newPlayers[i]);
addressToRaffleId[newPlayers[i]] = raffleId;
}
for (uint256 i = 0; i < newPlayers.length ; i++) {
require(addressToRaffleId[newPlayers[i]] != raffleId, 'PuppyRaffle: Duplicate player');
}
}
The concern is that the duplicate check in the function will always fail due to the way addressToRaffleId[newPlayers[i]] is being set to raffleId for each new player. This results in the condition addressToRaffleId[newPlayers[i]] != raffleId never being true for new players, rendering the duplicate check ineffective.
I would like to confirm if my understanding of this issue is correct. Any insights or feedback on this matter would be greatly appreciated.
- Security
- Solidity
- Smart Contract
Antworten
1Thank you for pointing that out. While the example provided was intended to be brief, I agree that its inclusion in the recommendations section would not be advisable. Therefore, I recommend removing it from that section.
Weißt du die Antwort?
Bitte melde dich an und teile sie.
Cyfrin Updraft is an education platform specializing on teaching the next generation of smart contract developers