`Soulmate::getDivorced` doesn't consider consent from other soulmate, leading to divorce only by the consent of a single soulmate
Summary
The Soulmate::getDivorced function allows any one of the soulmate to call it and get divorce without considering the consent from the other soulmate.
Divorce should take place either by the consent of both user or involve an arbiter but the current divorce scenario inside Soulmate contract doesn't consider the other soulmate and let any one of the soulmate to decide the divorce.
Vulnerability Details
The vulnerability is present in the Soulmate::getDivorced function which arises due to the fact that it allows only a single soulmate to take major decision on their divorce without considering the consent of other soulmate.
Any one of the soulmates can thus call getDivorced function and leads to their divorce without considering consent from other soulmate.
A divorce should occur either by the consent of both users or involvement of an arbiter but here any one of the soulmate can go for divorce.
Impact
Any one of the soulmate can decide for divorce without consent from other soulmate.
Tools Used
Manual Review
Recommendations
Either consider the consent from both the soulmates or involve the role of arbiter in the Soulmate contract for deciding the divorce.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.