Submission Details
Severity: high
Valid

**Divorced soulmates can still claim `LoveToken` for the period after the divorce, leading to a loss of funds for the protocol**

    • Description:

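      • Even though the parties must accept some loss in a divorce, the protocol should not be the one to bear it. The logic implemented in `Airdrop::claim` allows divorced soulmates to keep claiming tokens after the divorce: `claim` calls `Soulmate::isDivorced()`, which reads `divorced[msg.sender]`, and in that call `msg.sender` is the Airdrop contract rather than the claiming soulmate, so the check never triggers.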

    • Impact:

      • Divorced soulmates can keep withdrawing Airdrop funds, which breaks the protocol's goal.

    • Proof of Code:

      • Soulmate1 calls `getDivorced`, divorcing soulmate2

      • Soulmate2 claims the LoveToken

      • Soulmate2 waits 100 days

      • Soulmate2 claims more LoveToken

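      Add the code below to the `Airdrop.t.sol` file:

      ```solidity
      function test_ClaimOfAccumulateLoveTokenAfterDivorce() public {
          _mintOneTokenForBothSoulmates();

          // 200 days pass while the couple is together.
          vm.warp(block.timestamp + 200 days + 1 seconds);

          // Soulmate1 divorces soulmate2.
          vm.prank(soulmate1);
          soulmateContract.getDivorced();

          // Soulmate2 is divorced but can still claim.
          vm.prank(soulmate2);
          airdropContract.claim();
          assertTrue(loveToken.balanceOf(soulmate2) == 200 ether);

          // 100 more days pass after the divorce.
          vm.warp(block.timestamp + 100 days + 1 seconds);

          // The claim succeeds again and pays out for the post-divorce period.
          vm.prank(soulmate2);
          airdropContract.claim();
          assertTrue(loveToken.balanceOf(soulmate2) == 300 ether);
      }
      ```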
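
Why the claims in the Proof of Code go through, shown as an added minimal reproduction (not the protocol's code or the submitter's). `MiniSoulmate`, `MiniAirdrop`, `checks` and the test accounts are hypothetical stand-ins; the sketch assumes a divorce flags both partners and that forge-std is available.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import {Test} from "forge-std/Test.sol";

// Hypothetical stand-in for Soulmate: only the divorce flag is modelled.
contract MiniSoulmate {
    mapping(address => bool) public divorced;

    function getDivorced(address partner) external {
        divorced[msg.sender] = true;
        divorced[partner] = true; // assumption: a divorce flags both partners
    }

    // Original form: msg.sender is whoever calls this function directly.
    function isDivorced() external view returns (bool) {
        return divorced[msg.sender];
    }

    // Recommended form: the caller states whose status it wants.
    function isDivorced(address user) external view returns (bool) {
        return divorced[user];
    }
}

// Hypothetical stand-in for Airdrop: reports what each check would see.
contract MiniAirdrop {
    MiniSoulmate private immutable soulmate;

    constructor(MiniSoulmate s) { soulmate = s; }

    function checks() external view returns (bool original, bool recommended) {
        original = soulmate.isDivorced();              // reads divorced[address(this)]
        recommended = soulmate.isDivorced(msg.sender); // reads divorced[claimer]
    }
}

contract IsDivorcedContextTest is Test {
    function test_originalCheckNeverSeesTheClaimer() public {
        MiniSoulmate soulmate = new MiniSoulmate();
        MiniAirdrop airdrop = new MiniAirdrop(soulmate);
        address alice = makeAddr("alice"); // constructed test accounts
        address bob = makeAddr("bob");
        vm.prank(alice);
        soulmate.getDivorced(bob);
        vm.prank(bob);
        (bool original, bool recommended) = airdrop.checks();
        assertFalse(original);   // divorced[airdrop] was never set
        assertTrue(recommended); // divorced[bob] was set by the divorce
    }
}
```
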
    • Recommendation:

      • Adjust the Soulmate::isDivorced function as follows:

        Apply the change below in the `Soulmate` file:
        - function isDivorced() public view returns (bool) {
        + function isDivorced(address _user) public view returns (bool) {
        - return divorced[msg.sender];
        + return divorced[_user];
        }
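
Review bot: the new signature `isDivorced(address _user)` replaces the zero-argument form rather than adding to it, so any caller or interface declaration that still uses `isDivorced()` stops compiling; the `Airdrop::claim` change below covers one call site, and any others should be updated in the same change. A NatSpec `@param _user` line stating that the function reports the status of `_user`, not of the caller, would make the intent explicit.
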
      • Adjust the Airdrop::claim function as follows:

        Apply the change below in the `Airdrop` file:
        function claim() public {
        address soulmate = soulmateContract.soulmateOf(msg.sender);
        if (soulmate == address(0))
        revert Airdrop__YouMustHaveASoulmateToClaim();
        // No LoveToken for people who don't love their soulmates anymore.
        - if (soulmateContract.isDivorced()) revert Airdrop__CoupleIsDivorced();
        + if (soulmateContract.isDivorced(msg.sender)) revert Airdrop__CoupleIsDivorced();
        // Calculating since how long soulmates are reunited
        //@external call before state change
        uint256 numberOfDaysInCouple = (block.timestamp -
        soulmateContract.idToCreationTimestamp(
        soulmateContract.ownerToId(msg.sender)
        )) / daysInSecond;
        uint256 amountAlreadyClaimed = _claimedBy[msg.sender];
        if (
        amountAlreadyClaimed >=
        numberOfDaysInCouple * 10 ** loveToken.decimals()
        ) revert Airdrop__PreviousTokenAlreadyClaimed();
        uint256 tokenAmountToDistribute = (numberOfDaysInCouple *
        10 ** loveToken.decimals()) - amountAlreadyClaimed;
        // Dust collector
        if (
        tokenAmountToDistribute >=
        loveToken.balanceOf(address(airdropVault))
        ) {
        tokenAmountToDistribute = loveToken.balanceOf(
        address(airdropVault)
        );
        }
        _claimedBy[msg.sender] += tokenAmountToDistribute;
        emit TokenClaimed(msg.sender, tokenAmountToDistribute);
        loveToken.transferFrom(
        address(airdropVault),
        msg.sender,
        tokenAmountToDistribute
        );
        }
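
Review bot: the new `isDivorced(msg.sender)` check only blocks the claim if a divorce flags both partners, since in the Proof of Code it is soulmate1 who calls `getDivorced()` and soulmate2 who claims; add a regression test that repeats those steps and expects `Airdrop__CoupleIsDivorced` on soulmate2's claim. Separately, the `//@external call before state change` line reads like an audit annotation and should not be carried into the patched function, and `10 ** loveToken.decimals()` is evaluated twice and could be held in a local variable.
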
Updates

Lead Judging Commences

0xnevi Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-isDivorced-wrong-check
