Sparkn

CodeFox Inc.

DeFiFoundryProxy

15,000 USDC

View results

Previous Next

Submission Details

Severity: medium

"Immutable COMMISSION_FEE Contradicts Comment Indicating Mutability"

auditism

Summary

Inconsistency between in the code comments and the actual implementation.

Vulnerability Details

Misleading Code Comment on Mutability of COMMISSION_FEE.
The COMMISSION_FEE variable is declared as a private constant with a value of 500. However, the accompanying code comment indicates that it can be changed in the future.

So there is no way to change this commission fee and it is marked as constant, until a deployment this value won't bulge.

Impact

While the code's functionality isn't directly impacted, developers or auditors who rely on comments for understanding might be misled. This can lead to incorrect assumptions about the contract's behavior, especially regarding future modifications or upgrades.

Tools Used

Manuel reviews

Recommendations

Delete this comment or add a function to change the commission fee.

Prize pool breakdown

Total prize

15,000 USDC

nSLOC

194

77 USDC / LOC

High Medium

14,000 USDC

Low

1,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.