GivingThanks

First Flight #28

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

Bug Report: Missing Events for State-Changing Functions in GivingThanks.sol and CharityRegistry.sol

koinerdegen

Summary:
The contracts GivingThanks.sol and CharityRegistry.sol currently do not emit any events when state-changing functions are called. Events are a crucial part of smart contract design as they provide a transparent and traceable log of important actions. In the current state, there is no event emission for key actions like donations and charity verification, making it difficult for users and developers to track important state changes.

Vulnerability Details:
No any Vulnerability. Only code optimization.

Impact:
The lack of events affects:

Transparency: Users cannot easily trace state changes, making the contract less transparent.
dApp Integration: Off-chain applications that depend on event logs for real-time updates will not receive notifications.
Auditability: Without events, it is harder for developers and auditors to review the contract's behavior.

Tools Used:

Manual Code Review

Recommendations:
Add event definitions and emit them in the relevant functions to ensure proper logging of important state changes.

Solution:

In GivingThanks.sol, add the following event definition and emit the event in the donate() function:

// Event Definition

event DonateToCharity(address indexed _charity, address _donor);

// Updated Function

function donate(address charity) public payable {

require(registry.isVerified(charity), "Charity not verified");

(bool sent, ) = charity.call{value: msg.value}("");

require(sent, "Failed to send Ether");

_mint(msg.sender, tokenCounter);

// Emit Event

emit DonateToCharity(charity, msg.sender);

// Create metadata for the tokenURI

string memory uri = _createTokenURI(

msg.sender,

block.timestamp,

msg.value

);

_setTokenURI(tokenCounter, uri);

tokenCounter += 1;

}

2.In CharityRegistry.sol, add the following event definition and emit the event in the verifyCharity() function:

// Event Definition

event VerifiedCharity(address _charity);

// Updated Function

function verifyCharity(address charity) public {

require(msg.sender == admin, "Only admin can verify");

require(registeredCharities[charity], "Charity not registered");

verifiedCharities[charity] = true;

// Emit Event

emit VerifiedCharity(charity);

}

Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Rewards breakdown

nSLOC

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.