`isVerified()` of `CharityRegistry.sol` returns unverified charities
Summary
isVerified() of CharityRegistry.sol returns registeredCharities,anyone can just call registerCharity()to obtaining verified certification.
Vulnerability Details
isVerified() of CharityRegistry.sol returns registeredCharities :
anyone can just call registerCharity()to obtaining verified certification:
Impact
Since anyone can freely register as a charity, the charity permission check in the donate function becomes ineffective:
An attacker can register any address as a charity, perform a donation (even donating to themselves), and receive the corresponding issued ERC721 tokens.
Tools Used
foundry
Recommendations
fix code like this:
Lead Judging Commences
finding-isVerified-return-registered-charities
Likelyhood: High, the function returns registered charities instead of verified ones. Impact: High, Any charities can be registered by anyone and will be declared as verified by this function bypassing verification.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.