`msg.sender` is used instead of _registry which cuases `isVerified()` to fail.
Summary
The constructor takes a registry parameter but ignores it and uses msg.sender instead. This means the CharityRegistry is being set to the wrong address, which would cause isVerified() checks to fail.
Vulnerability Details
The constructor of the GivingThanks contract takes a _registry parameter but instead of using it, it sets the registry variable to msg.sender. This means the CharityRegistry is being set to the wrong address, which would cause the isVerified() function to always return false. This affects the whole functionality of the GivingThanks contract, causing it to revert when a donor tries to donate.
Impact
The donate() function in the GivingThanks contract will always fail the require(registry.isVerified(charity), "Charity not verified") check, because the CharityRegistry is set to the wrong address.
Tools Used
Manual review
Recommendations
The constructor of the GivingThanks contract should be updated to correctly set the registry variable using the provided _registry parameter, as shown in the provided.
Lead Judging Commences
finding-bad-registry-set-at-construction
Likelyhood: High, the parameter is not well used and won't be set. Impact: Low, can be changed with the setter and no one will be able to donate to malicious charity.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.