Summary

The withdrawFees function is designed to allow the contract owner to withdraw all fees from the contract's balance. However, the associated event FeeWithdrawn lacks indexed parameters, making it difficult to efficiently filter and search for this event in the blockchain logs.

Vulnerability Details

The event FeeWithdrawn(address owner, uint256 amount) does not include an indexed parameter, making it harder for external tools to efficiently query and filter events based on the owner's address or the amount withdrawn.

Events without indexed parameters are less useful for off-chain applications that rely on event data.

Indexing parameters allows external users or applications to filter specific events efficiently on the blockchain

Line Highlight:

Impact

Reduced Query Efficiency: The absence of indexed parameters makes it harder for off-chain systems (such as block explorers or dApps) to search and filter events by specific criteria (e.g., owner’s address).

Missed Opportunities for Filtering: Indexed parameters enable more efficient event filtering, which is especially important for tracking ownership and transaction amounts

Tools Used

Manual Review

Recommendations

1. Add Indexing to Event Parameters: Add the indexed keyword to the owner parameter to enable efficient searching and filtering by the owner's address.

Corrected Code:

By indexing the owner parameter in the event, external systems and users will be able to efficiently search and filter all FeeWithdrawn events based on the owner’s address.