Christmas Dinner

First Flight #31
Beginner Friendly, Foundry, Solidity
100 EXP
Submission Details
Severity: high
Valid

Host cannot withdraw Ether deposits due to incomplete withdraw() function implementation

Summary

While the contract accepts both ERC20 tokens and Ether deposits, the withdraw() function only handles ERC20 token withdrawals, leaving any Ether deposits permanently locked in the contract with no way for the host to access them.

Vulnerability Details

The withdraw() function only transfers ERC20 tokens:
ChristmasDinner.sol#L194-L199

function withdraw() external onlyHost {
    address _host = getHost();
    i_WETH.safeTransfer(_host, i_WETH.balanceOf(address(this)));
    i_WBTC.safeTransfer(_host, i_WBTC.balanceOf(address(this)));
    i_USDC.safeTransfer(_host, i_USDC.balanceOf(address(this)));
}

While the contract accepts Ether through the receive() function:
ChristmasDinner.sol#L205-L208

receive() external payable {
    etherBalance[msg.sender] += msg.value;
    emit NewSignup(msg.sender, msg.value, true);
}

Impact

  • Host cannot access Ether deposits needed for event organization

  • All Ether sent to the contract becomes permanently locked after deadline

  • Undermines the core functionality of the contract as a fund collection mechanism

Tools Used

  • Manual code review

  • Performing formal verification with Quint

Recommendations

Extend the withdraw() function so that it also transfers the contract's Ether balance to the host, and revert if that transfer fails so the Ether cannot be silently left behind.
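One way to implement this recommendation, as an added example that is not the project's own code: the withdraw() function extended to forward the contract's Ether balance to the host with a checked low-level call, followed by a Foundry test that asserts the balance actually moves. The names i_WETH, i_WBTC, i_USDC, onlyHost and getHost() come from the snippet above; the EtherWithdrawFailed error, the `dinner`/`host` test fixtures and the assumption that the deadline has already passed are mine.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not the project's code). Assumed custom error; the rest of
// the contract (token sweeps, onlyHost, getHost) is as in the audited snippet.
error EtherWithdrawFailed();

// Inside contract ChristmasDinner:
function withdraw() external onlyHost {
    address _host = getHost();

    // Existing ERC20 sweeps, unchanged.
    i_WETH.safeTransfer(_host, i_WETH.balanceOf(address(this)));
    i_WBTC.safeTransfer(_host, i_WBTC.balanceOf(address(this)));
    i_USDC.safeTransfer(_host, i_USDC.balanceOf(address(this)));

    // New: sweep the Ether collected via receive(). A low-level call is used
    // instead of transfer() so a contract host with a non-trivial receive()
    // still works; the result is checked so a failed send reverts instead of
    // leaving the Ether locked.
    uint256 etherAmount = address(this).balance;
    if (etherAmount > 0) {
        (bool ok, ) = payable(_host).call{value: etherAmount}("");
        if (!ok) revert EtherWithdrawFailed();
    }
}

// Foundry test (assumption: `dinner` is a deployed ChristmasDinner whose host
// is the EOA `host`, and the signup deadline has already passed).
function testHostCanWithdrawEther() public {
    vm.deal(address(this), 1 ether);
    (bool sent, ) = address(dinner).call{value: 1 ether}("");
    assertTrue(sent, "deposit via receive() failed");

    uint256 hostBefore = host.balance;
    vm.prank(host);
    dinner.withdraw();

    assertEq(host.balance, hostBefore + 1 ether);
    assertEq(address(dinner).balance, 0);
}
```

Running the same test against the unmodified withdraw() fails on the first assertEq, which is a convenient regression check for this finding.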

Updates

Lead Judging Commences

0xtimefliez Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

withdraw function lacks functionality to send ether
