Submission Details
Severity:
A user can get divorced even if not in a couple.
Description:
The Soulmate.sol::getDivorced function does not check if the caller is in a couple.
This means that if a "single" soulmate calls getDivorced, she will be marked as divorced. (from address 0 to be precise)
Impact:
A user can "shoot herself in the foot", perhaps unintentional. Since this is irreversible, it can be quite annoying.
Proof of Concept:
Please paste this test at the bottom in SoulmateTest.t.sol and run: forge test --mt test_singleSoulmateCanGetDivorced -vvvvv
function test_singleSoulmateCanGetDivorced() public {
vm.startPrank(soulmate1);
soulmateContract.getDivorced();
console2.log("divorce status is: ", soulmateContract.isDivorced());
assertEq(soulmateContract.isDivorced(), true);
}
Recommended Mitigation:
Add a require to check if a user is in a couple:
function getDivorced() public {
+ require(soulmateOf[msg.sender] != address(0), "you are not in a couple");
address soulmate2 = soulmateOf[msg.sender];
divorced[msg.sender] = true;
divorced[soulmateOf[msg.sender]] = true;
emit CoupleHasDivorced(msg.sender, soulmate2);
}
Rewards breakdown
nSLOC
233This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.