Submission Details
Severity:
Function `CharityRegistry::isVerified` is returning true if the charity is registered without being verified.
Summary
Function CharityRegistry::isVerified returns true if the charity is in the registered charities and not in the verified charities.
Impact
Any registered charity is eligible to receive donations by anyone, regardless of them being verified or not by the admin.
Add the following test to `GivingThanks.t.sol` test:
```javascript
function testIsVerifiedAlwaysTrue() public {
address unverifiedCharity = address(0x4);
registryContract.registerCharity(unverifiedCharity);
assertEq(registryContract.isVerified(unverifiedCharity),true);
}
```
**Proof of Concept **
Add the following test to GivingThanks.t.sol test:
function testIsVerifiedAlwaysTrue() public {
address unverifiedCharity = address(0x4);
registryContract.registerCharity(unverifiedCharity);
assertEq(registryContract.isVerified(unverifiedCharity),true);
}
Recommendations Change `CharityRegistry::isVerified` to search for verified charities from the mapping `CharityRegistry::verifiedCharities`.
function isVerified(address charity) public view returns (bool) {
- return registeredCharities[charity];
+ return verifiedCharities[charity];
}
Updates
Lead Judging Commences
n0kto 10 months ago
Submission Judgement Published Assigned finding tags:
finding-isVerified-return-registered-charities
Likelyhood: High, the function returns registered charities instead of verified ones. Impact: High, Any charities can be registered by anyone and will be declared as verified by this function bypassing verification.
Rewards breakdown
nSLOC
67This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.