The `registry` variable is expected to hold a reference to a deployed `CharityRegistry` contract. However, with this faulty assignment, `registry` will point to an address that does not implement the `CharityRegistry` interface.
Any calls to `registry`'s functions, like `registry.isVerified(charity)`, will fail since the address does not map to a valid contract implementing those functions.
Failed transactions, since the contract cannot verify charity addresses without a proper `CharityRegistry` instance.
Loss of user/donor trust.
Manual review.
Update the constructor to use the inputted `_registry` parameter instead of `msg.sender`, since this should be the address where the `CharityRegistry` is stored, i.e.:

```solidity
constructor(address _registry) ERC721("DonationReceipt", "DRC") {
    registry = CharityRegistry(_registry); // Correct assignment
    owner = msg.sender;
    tokenCounter = 0;
}
```
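The faulty and corrected wiring side by side, as an added example that is not part of the original report or the audited code. The contract names `ReceiptBefore`, `ReceiptAfter` and `WiringCheck`, the `verify` function, the stand-in registry body and the code-length guard are assumptions; the ERC721 base is omitted to keep the example self-contained.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed stand-in for the registry; only isVerified comes from the report.
contract CharityRegistry {
    mapping(address => bool) private verified;

    function verify(address charity) external { verified[charity] = true; }

    function isVerified(address charity) external view returns (bool) {
        return verified[charity];
    }
}

// Faulty wiring described in the report: the deployer is cast to CharityRegistry.
contract ReceiptBefore {
    CharityRegistry public registry;

    constructor(address) {
        registry = CharityRegistry(msg.sender); // parameter ignored
    }
}

// Corrected wiring, plus an assumed extra guard that the address holds code.
contract ReceiptAfter {
    CharityRegistry public registry;

    constructor(address _registry) {
        require(_registry.code.length > 0, "registry is not a contract");
        registry = CharityRegistry(_registry);
    }
}

// Hypothetical harness: deploys both variants and probes isVerified through each.
contract WiringCheck {
    function run() external returns (bool beforeWorks, bool afterWorks) {
        CharityRegistry reg = new CharityRegistry();
        reg.verify(address(0xC0FFEE)); // constructed sample charity address
        ReceiptBefore b = new ReceiptBefore(address(reg));
        ReceiptAfter a = new ReceiptAfter(address(reg));
        beforeWorks = _probe(b.registry()); // false: points at this harness
        afterWorks = _probe(a.registry());  // true: points at the real registry
    }

    function _probe(CharityRegistry r) private view returns (bool ok) {
        try r.isVerified(address(0xC0FFEE)) returns (bool v) { ok = v; } catch { ok = false; }
    }
}
```

A deployment test that compares the stored `registry` address with the deployed registry address catches this class of mistake before release.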
Likelihood: High, the parameter is not well used and won't be set. Impact: Low, can be changed with the setter and no one will be able to donate to malicious charity.