F-2024-0008·centralization-risk

Token Removal During Ongoing Raffle

Acknowledgeddexammraffle
TL;DR

removeToken can be called by the owner during an active raffle, which can invalidate user entries, distort the prize pool, or be used to manipulate the raffle outcome.

Severity
MEDIUM
Impact
MEDIUM
Likelihood
MEDIUM
Method
MManual review
CAT.
Complexity
LOW
Exploitability
LOW
02Section · Description

Description

The MonadexV1Raffle contract currently allows the owner to remove supported tokens at any time using the removeToken function. This function lacks safeguards to prevent token removal during an active raffle cycle. The ability to alter the set of supported tokens mid-raffle introduces a significant vulnerability that could compromise the integrity and fairness of the entire raffle system.

When a raffle is ongoing, participants have already committed their tokens and received entries based on the current set of supported tokens. Removing a token during this critical period could have far-reaching consequences on the raffle's mechanics, prize distribution, and overall fairness.

03Section · Impact

Impact

There are a few concerning things:

Firstly, removing a token that participants have already used to enter the raffle could invalidate their entries or alter their chances of winning unfairly. For instance, if a popular entry token is removed, it could disproportionately affect a large number of participants, effectively nullifying their participation without recourse.

Secondly, the raffle's prize pool and distribution mechanism may be compromised. If the removed token was meant to be part of the prize, winners could find themselves unable to claim their rewards in the promised token, leading to disputes and potential loss of funds.

Moreover, this vulnerability opens the door to potential manipulation. A malicious or compromised owner could strategically remove tokens to influence the outcome of the raffle, favoring certain participants over others. This power to alter the fundamental rules of the raffle mid-game severely undermines the trustworthiness and perceived fairness of the entire system.

04Section · Recommendation

Recommendation

Addressing this vulnerability requires implementing strict safeguards and improving the overall architecture of the raffle system. Here's a comprehensive approach to mitigate this issue:

  1. Implement a robust raffle state management system. This system should clearly define different stages of the raffle (e.g., Inactive, RegistrationOpen, RegistrationClosed, DrawingWinners, Completed) and enforce strict rules about what actions are allowed in each state.
  2. Modify the removeToken function to include a state check:
solidity
function removeToken(address _token) external onlyOwner {
    require(s_raffleState == RaffleState.Inactive, "Cannot modify tokens during active raffle");
    // Existing removal logic
}
ZEALYNX SECURITY · published 2024-09-18
F-2024-0008

oog
zealynx

Smart Contract Security Digest

Monthly exploit breakdowns, audit checklists, and DeFi security research — straight to your inbox

REQUEST AN AUDIT

Quick Links

Services

Company

Resources

© 2026 Zealynx