This could be considered as a DoS attack too? #106

pymachado · 2024-01-30T11:51:25Z

pymachado
Jan 30, 2024

In Lesson 34: Mishandling of ETH: Minimized in the PuppyRaffle security review, we checked a line of code like the one below:

require(address(this).balance == uint256(totalFees), "PuppyRaffle: There are currently players active!");

When the vulnerability is exploited by a Smart Contract attacker who uses selfdestruct() to force the victim contract to receive ether, it renders the above instruction unusable because now address(this).balance > uint256(totalFees). This results in the contract becoming unusable because you can't call the PuppRaffe::withdraw function again. Therefore, this can be considered a DoS attack, as users have been denied the service of withdrawal?

Answered by PatrickAlphaC

Jan 31, 2024

Sure could be :)

Often, one type of attack could fall in many categorizations of attacks.

Way to think critically on this!

View full answer

PatrickAlphaC · 2024-01-31T17:12:13Z

PatrickAlphaC
Jan 31, 2024
Maintainer

Sure could be :)

Often, one type of attack could fall in many categorizations of attacks.

Way to think critically on this!

1 reply

pymachado Feb 1, 2024
Author

Okay @PatrickAlphaC, thank you for your feedback

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

This could be considered as a DoS attack too? #106

{{title}}

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

This could be considered as a DoS attack too? #106

pymachado Jan 30, 2024

Replies: 1 comment · 1 reply

PatrickAlphaC Jan 31, 2024 Maintainer

pymachado Feb 1, 2024 Author

pymachado
Jan 30, 2024

Replies: 1 comment 1 reply

PatrickAlphaC
Jan 31, 2024
Maintainer

pymachado Feb 1, 2024
Author