GivingThanks

First Flight #28
Beginner Friendly, Foundry
Submission Details
Severity: medium
Valid

Wrong initialization of `CharityRegistry` address in the `GivingThanks` contract constructor

Summary

The `CharityRegistry` address is initialized incorrectly in the `GivingThanks` constructor: the `registry` state variable is set to `msg.sender` (the deploying account) instead of the `_registry` parameter that carries the intended `CharityRegistry` address.

Vulnerability Details

```solidity
constructor(address _registry) ERC721("DonationReceipt", "DRC") {
    registry = CharityRegistry(msg.sender); // @> bug: _registry is ignored
    owner = msg.sender;
    tokenCounter = 0;
}
```

Impact

The `registry` variable would hold `msg.sender`, which is the account deploying the contract, not the intended `CharityRegistry` address passed in as `_registry`. The `_registry` parameter is never used, so the contract operates against a completely wrong registry address until it is corrected.

Tools Used

Manual, Foundry
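The misassignment is easy to pin down with a Foundry test that deploys the contract from a known account and compares the stored registry address with the address passed to the constructor. The test below is an added example, not code from the GivingThanks repository: it uses a constructed `CharityRegistryStub` and a `GivingThanksStandIn` contract that reproduces only the constructor from the finding (ERC721 inheritance is dropped so it compiles with forge-std alone), with a boolean switch between the `msg.sender` assignment and the `_registry` assignment. The `registry()` getter is assumed to be the public getter of the `registry` state variable.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Constructed stand-in for the real CharityRegistry; only an address is needed here.
contract CharityRegistryStub {
    address public admin;

    constructor() {
        admin = msg.sender;
    }
}

// Stand-in reproducing the constructor from the finding (assumption: no ERC721 base).
contract GivingThanksStandIn {
    CharityRegistryStub public registry;
    address public owner;
    uint256 public tokenCounter;

    constructor(address _registry, bool applyFix) {
        // applyFix == false reproduces the finding; true stores the parameter as intended.
        registry = applyFix
            ? CharityRegistryStub(_registry)
            : CharityRegistryStub(msg.sender);
        owner = msg.sender;
        tokenCounter = 0;
    }
}

contract RegistryInitTest is Test {
    address deployer = makeAddr("deployer");
    CharityRegistryStub registryContract;

    function setUp() public {
        registryContract = new CharityRegistryStub();
    }

    // Reproduces the finding: the stored registry is the deployer, not the registry contract.
    function test_buggyConstructorPointsAtDeployer() public {
        vm.prank(deployer);
        GivingThanksStandIn gt = new GivingThanksStandIn(address(registryContract), false);
        assertEq(address(gt.registry()), deployer);
        assertTrue(address(gt.registry()) != address(registryContract));
    }

    // With the parameter used, the stored registry matches what was passed in.
    function test_fixedConstructorUsesParameter() public {
        vm.prank(deployer);
        GivingThanksStandIn gt = new GivingThanksStandIn(address(registryContract), true);
        assertEq(address(gt.registry()), address(registryContract));
        assertEq(gt.owner(), deployer);
    }

    // Cheap post-deployment check: the registry must be a contract, and a deployer
    // EOA never has code, so this catches the bug even without knowing the right address.
    function test_registryIsContract() public {
        vm.prank(deployer);
        GivingThanksStandIn gt = new GivingThanksStandIn(address(registryContract), true);
        assertGt(address(gt.registry()).code.length, 0);
    }
}
```

Run with `forge test --match-contract RegistryInitTest`. The third test is the one worth keeping in a deployment script: it needs no knowledge of the expected registry address and fails whenever the constructor stores an externally owned account.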

Recommendations

constructor(address _registry) ERC721("DonationReceipt", "DRC") {
- registry = CharityRegistry(msg.sender);
+ registry = CharityRegistry(_registry);
owner = msg.sender;
tokenCounter = 0;
}
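Review bot: the `+` line stores `_registry` without validating it, so a deployment that passes `address(0)` or a non-contract address by mistake would leave the contract in the same broken state the finding describes. Consider adding a `require(_registry != address(0))` (or a code-length check) before the assignment so a bad deployment reverts instead of relying on the setter afterwards.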
Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-bad-registry-set-at-construction

Likelihood: High, the parameter is not well used and won't be set. Impact: Low, can be changed with the setter and no one will be able to donate to malicious charity.
