https://github.com/Cyfrin/2024-08-MyCut/blob/main/src/ContestManager.sol
The fundContest
function checks if the sender has a sufficient balance but does not verify if the transferFrom
operation is successful. This oversight can lead to a scenario where the function proceeds without ensuring the transfer actually occurred, potentially resulting in the contest not being funded as intended.
If the sender does not have sufficient allowance set for the ContestManager
contract, the transferFrom
will fail, but the current code does not handle this failure explicitly. This can lead to failed transactions and incorrect funding of contests, causing potential loss of funds and operational issues.
Manual Review
Modify the fundContest
function to verify that the transferFrom
operation succeeds
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.