GivingThanks
First Flight #28
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

Missing Donation Event in `donate` Function

mo_

Description
The donate function in the GivingThanks contract processes donations to verified charities. However, there is currently no event emitted to log the donation transaction. Emitting an event is crucial for tracking donations on the blockchain, allowing external applications and users to listen for and respond to donation activities.

Code Snippet

function donate(address charity) public payable {
require(registry.isVerified(charity), "Charity not verified");
(bool sent,) = charity.call{value: msg.value}(""); //@audit no zero address check . is verified is problamatic already . if zero address is provided , this call will success .
require(sent, "Failed to send Ether");
_mint(msg.sender, tokenCounter);
// Create metadata for the tokenURI
string memory uri = _createTokenURI(msg.sender, block.timestamp, msg.value);
_setTokenURI(tokenCounter, uri);
tokenCounter += 1; //
}

Impact

  • Lack of Transparency: Without an event, there is no way for external systems or users to track when a donation occurs, making it difficult to audit or verify donation activities.

  • Reduced Interoperability: Other contracts or decentralized applications (dApps) that rely on donation events will not be able to react to or display donation information, limiting the functionality of the ecosystem.

Recommendation
Add an event declaration for donations and emit this event within the donate function after a successful donation. This will provide a clear log of donation transactions on the blockchain.

Code Snippet

// Declare the Donation event
event Donation(address indexed donor, address indexed charity, uint256 amount);
function donate(address charity) public payable {
require(registry.isVerified(charity), "Charity not verified");
(bool sent,) = charity.call{value: msg.value}(""); //@audit no zero address check . is verified is problamatic already . if zero address is provided , this call will success .
require(sent, "Failed to send Ether");
_mint(msg.sender, tokenCounter);
// Emit the Donation event
emit Donation(msg.sender, charity, msg.value);
// Create metadata for the tokenURI
string memory uri = _createTokenURI(msg.sender, block.timestamp, msg.value);
_setTokenURI(tokenCounter, uri);
tokenCounter += 1; //
}
Updates

Lead Judging Commences

n0kto Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.