Submission Details
Severity: high
Valid

Extra ETH sent as appreciation to the seller via the `MartenitsaMarketplace::buyMartenitsa` function gets stuck in the `MartenitsaMarketplace` contract.

Summary

A user who sends extra ETH when buying a producer's martenitsa token will have that extra ETH stuck in the `MartenitsaMarketplace` contract, and it cannot be recovered.

Vulnerability Details

The vulnerability is in the `MartenitsaMarketplace::buyMartenitsa` function: any extra ETH sent accumulates in the contract itself, and there is no way to recover it.

Impact

When a user sends extra ETH to the producer as a token of appreciation, the extra ETH gets stuck in the `MartenitsaMarketplace` contract and is not actually sent to the producer.

Tools Used

Manual Review

Recommendations

Transfer the whole msg.value to the seller.
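
The stuck-ETH pattern and two ways to close it, as an added sketch that is not the project's own code: `MarketplaceSketch` and all of its function names are hypothetical, the token transfer is omitted, and it assumes the purchase accepts any `msg.value` at or above the listing price while forwarding only the price. `buyForwardsAll` follows the recommendation above; `buyRefundsExcess` follows the judge's "Excess ETH not refunded to the user" tag.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.21;

// Simplified stand-in for the marketplace (hypothetical; token transfer omitted).
contract MarketplaceSketch {
    struct Listing { address seller; uint256 price; bool forSale; }
    mapping(uint256 => Listing) public listings;

    function list(uint256 tokenId, uint256 price) external {
        require(price > 0, "Price must be > 0");
        listings[tokenId] = Listing(msg.sender, price, true);
    }

    // Pattern described in the finding (assumed shape): accepts
    // msg.value >= price but forwards only price, so the difference
    // (msg.value - price) stays in this contract with no withdrawal path.
    function buyLeavesExcess(uint256 tokenId) external payable {
        Listing memory l = _take(tokenId);
        _send(l.seller, l.price);
    }

    // Recommendation from the finding: forward the whole msg.value to the seller.
    function buyForwardsAll(uint256 tokenId) external payable {
        Listing memory l = _take(tokenId);
        _send(l.seller, msg.value);
    }

    // Alternative matching the finding tag: pay the price, refund the excess.
    function buyRefundsExcess(uint256 tokenId) external payable {
        Listing memory l = _take(tokenId);
        _send(l.seller, l.price);
        if (msg.value > l.price) _send(msg.sender, msg.value - l.price);
    }

    // Validates the purchase and clears the listing before any external call.
    function _take(uint256 tokenId) private returns (Listing memory l) {
        l = listings[tokenId];
        require(l.forSale, "Not for sale");
        require(msg.value >= l.price, "Insufficient funds");
        delete listings[tokenId];
    }

    function _send(address to, uint256 amount) private {
        (bool ok, ) = to.call{value: amount}("");
        require(ok, "ETH transfer failed");
    }
}
```

For either fixed variant, a test can assert that the contract's ETH balance is the same before and after a purchase made with `msg.value` above the price.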

Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Excess ETH not refunded to the user
