Sparkn

Summary

The current design does not provide a mechanism or channel for winners who might feel they received an unfair share of the rewards, which can lead to dissatisfaction among participants.

Vulnerability Details

The issue stems from the fact that after the Supporters finish submitting their work, the organizer/owner will immediatly deploy a proxy and distribute the rewards after judging. If a supporter find that his compensation is not enough and that his submission needs an additionnal review, he will have not be able to request it, since the token sharing has been done once and for all.

POC: Dissatisfaction among Winners

Setup:

• Owner sets up a new Contest

• Sponsors fund the contest

• Multiple supporters submit their solutions.

• The organizer/wner/judges finish judging the contest.

• The owner calls the deployProxyAndDistributeByOwner or the organizer calls the deployProxyAndDistribute function by choosing the winners.

• A participant feels their contribution was undervalued and receives less than expected.

• Problem: Even if a supporter requets a review, there is no way to change the results as the token have already been shared.

Impact

• Dissatisfaction among participants can lead to mistrust in the platform.

• Loss of transparency

Tools Used

Manual review

Recommendations

• Publish the submissions results before calling create the proxy/distributing the rewards. And allow for a review period where users can submit their escalations.

• Introduce a more transparent reward distribution system, detailing the breakdown of how rewards are allocated.