Sparkn

CodeFox Inc.
DeFiFoundryProxy
15,000 USDC
Submission Details
Severity: low

Misleading Comment Regarding Constant Value

Summary

The comment at line 59 of Distributor.sol is misleading and could cause confusion. The code declares the value with the constant keyword, yet the comment states that the value can be changed in the future. This inconsistency might mislead stakeholders and distort their understanding of the contract's behavior.

Vulnerability Details

Distributor.sol declares the variable COMMISSION_FEE with the constant keyword and an assigned value of 500. However, the accompanying comment suggests that the value can be modified in the future. Since the constant keyword means the value cannot be changed after deployment, the contradictory comment raises doubts about the contract's intended behavior.

Impact

The misleading comment could lead to misunderstanding or incorrect assumptions about the behavior of the COMMISSION_FEE constant. Developers and auditors might interpret the comment as indicating that the value can be changed dynamically, whereas the actual behavior is that the value remains constant after deployment. This inconsistency could result in incorrect decisions or potential vulnerabilities introduced during code maintenance.

Tools Used

Manual Review

Recommendations

  1. Either update the comment to accurately reflect the constant behavior, for example:

     Initial commission fee value of 500 (fixed after deployment)

  2. Or, if there is an intention to allow the value to be changed in the future, consider removing the constant keyword and replacing it with a state variable that can be modified.
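The two recommendations side by side, as an added example that is not code from Distributor.sol or from this submission. The contract names, the owner check, the MAX_COMMISSION_FEE cap, the event, and the pragma are assumptions made for the illustration; only the COMMISSION_FEE name and the value 500 come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4; // assumed compiler range; custom errors need >= 0.8.4

// Option 1 (hypothetical contract): keep `constant` and make the comment
// match what the compiler actually does.
contract FixedFeeExample {
    /// @dev Commission fee value of 500. Inlined into the bytecode at
    ///      compile time; it cannot be changed after deployment.
    uint256 private constant COMMISSION_FEE = 500;

    function commissionFee() external pure returns (uint256) {
        return COMMISSION_FEE;
    }
}

// Option 2 (hypothetical contract): a state variable that can be modified.
// Making the fee mutable adds a privileged action, so the setter is
// access-controlled, bounded, and emits an event for monitoring.
contract ConfigurableFeeExample {
    error NotOwner();
    error FeeTooHigh(uint256 requested, uint256 max);

    event CommissionFeeUpdated(uint256 oldFee, uint256 newFee);

    // Constructed upper bound for this example, not a value from the project.
    uint256 public constant MAX_COMMISSION_FEE = 1000;

    address public immutable owner;

    /// @dev Initial commission fee value of 500; the owner can change it
    ///      through setCommissionFee, up to MAX_COMMISSION_FEE.
    uint256 public commissionFee = 500;

    constructor() {
        owner = msg.sender;
    }

    function setCommissionFee(uint256 newFee) external {
        if (msg.sender != owner) revert NotOwner();
        if (newFee > MAX_COMMISSION_FEE) revert FeeTooHigh(newFee, MAX_COMMISSION_FEE);
        emit CommissionFeeUpdated(commissionFee, newFee);
        commissionFee = newFee;
    }
}
```

Option 2 also moves the fee from bytecode into storage, so every read becomes an SLOAD and the owner key becomes part of the contract's trust assumptions.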
