Critical functions are not emitting events
Github
https://github.com/ArkProjectNFTs/bridge/blob/1bb58731d8e4c37a71d3611c8ea6163c9b019193/apps/blockchain/starknet/src/bridge.cairo#L360-L364
Summary
The functions set_bridge_l1_addr, set_l1_l2_collection_mapping, set_erc721_class_hash, and enable_white_list are sensitive setter functions in the bridge that modify critical state variables. These functions currently do not emit events, making it difficult for external observers or dApps to track and react to these changes. The absence of events reduces transparency and complicates the integration and monitoring of contract activity.
Impact
Without events:
External observers cannot easily track changes to critical state variables.
dApps and other integrations may face difficulties in monitoring and responding to state changes in real-time.
The overall transparency of the contract's operations is reduced, potentially leading to trust issues and operational inefficiencies.
Recommendation
To enhance transparency and facilitate better monitoring, incorporate appropriate event emissions within these setter functions. This will ensure that any changes to critical state variables are logged and can be easily tracked by external observers.
Lead Judging Commences
Informational / Gas
Please, do not suppose impacts, think about the real impact of the bug and check the CodeHawks documentation to confirm: https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity A PoC always helps to understand the real impact possible.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.