Dria

Swan
NFT, Hardhat
21,000 USDC
Submission Details
Severity: low
Invalid

Misleading comments about asset status and omitted function in Swan contract

Summary

https://github.com/Cyfrin/2024-10-swan-dria/blob/c8686b199daadcef3161980022e12b66a5304f8e/contracts/swan/Swan.sol#L304

The Swan contract contains misleading comments describing a function that does not exist anywhere in the code, and it omits the implementation of a useful getter function.

Vulnerability Details

In Swan.sol, just above the getListingPrice() function, there are comments suggesting that the function that follows returns the asset status (Active, Inactive or Sold) of a given asset. The function that actually follows is getListingPrice, which returns the price of a given asset.

    /// @notice Returns the asset status with the given asset address.
    /// @dev Active: If the asset has not been purchased or the next round has not started.
    /// @dev Inactive: If the assets's purchaseRound has passed or delisted by the creator of the asset.
    /// @dev Sold: If the asset has already been purchased by the buyer.
    // @audit misleading comments.
    // @audit Comments mention a function that returns the asset status, but instead present a listing price getter function
    function getListingPrice(address _asset) external view returns (uint256) {
        return listings[_asset].price;
    }

This creates confusion. The code could also make use of such an asset status function in other places, which would make it more effective.
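A heuristic check for the mismatch described above, added here as an example; it is not part of the original submission or of the Swan code base. It flags any function whose NatSpec @notice shares no keyword with the function name. The second getter in the sample (getPrice) and the stop-word list are assumptions made for illustration.

```python
import re

# Constructed input: the getter quoted in the finding, plus a hypothetical
# getter (getPrice) whose NatSpec does describe it.
SAMPLE = """\
/// @notice Returns the asset status with the given asset address.
/// @dev Sold: If the asset has already been purchased by the buyer.
// @audit misleading comments.
function getListingPrice(address _asset) external view returns (uint256) {
    return listings[_asset].price;
}

/// @notice Returns the listing price of the given asset.
function getPrice(address _asset) external view returns (uint256) {
    return listings[_asset].price;
}
"""

# A run of /// lines, optional plain // lines, then the function they document.
DOC_FUNC = re.compile(
    r"((?:^[ \t]*///.*\n)+)(?:^[ \t]*//.*\n)*^[ \t]*function\s+(\w+)", re.M)
# Assumed stop words: accessor prefixes and filler that carry no meaning.
STOP = {"get", "set", "is", "the", "a", "an", "of", "with", "for", "given",
        "return", "returns", "and", "or", "by", "to"}


def keywords(text):
    """Lowercased words (camelCase split), minus stop words, trailing 's' dropped."""
    tokens = re.findall(r"[A-Z]?[a-z]+|[A-Z]+(?![a-z])", text)
    return {t.lower().rstrip("s") for t in tokens if t.lower() not in STOP}


def mismatched_natspec(source):
    """Return (function, notice) pairs where @notice shares no keyword with the name."""
    findings = []
    for doc, name in DOC_FUNC.findall(source):
        notice = re.search(r"@notice\s+(.*)", doc)
        if notice and not keywords(name) & keywords(notice.group(1)):
            findings.append((name, notice.group(1).strip()))
    return findings


if __name__ == "__main__":
    for name, notice in mismatched_natspec(SAMPLE):
        print(f"{name}: @notice does not describe this function: {notice!r}")
```

Keyword overlap is a coarse signal, so a flagged function is a prompt for manual review of the comment rather than proof of an error.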

Impact

Low, since the omitted function is not falsely called anywhere in the code, but it affects code readability.

Tools Used

Manual review

Recommendations

Either remove the comments, or add an actual getAssetStatus function.

Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
