Beginner FriendlyDeFiFoundry
100 EXP
View results
Submission Details
Severity: low
Invalid

No function to update the root

Summary

There is no function to update the root but an event for that is created

Vulnerability Details

As the root can't be updated a Merkle validation can only be performed for the initial four addresses.
Probably the contract owners intend to add more addresses in the future, if not they wouldn't have used Merkle tree for four addresses, and the event
event MerkleRootUpdated(bytes32 newMerkleRoot); is created which, but a function was forgotten to be added.

Impact

Only the initial four addresses can claim the reward.

Tools Used

Manual review

Recommendations

Add an option for the owner to update the root.

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Info

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.