Missing deadlineSet value update
Summary
In this contract the function 'setDeadline', based on a logic, should be called once. But this function can be called several times.
Vulnerability Details
To prevent this funciton from being executed again, a boolean variable 'deadlineSet' is needed. But its value is not updated.
The 'host' can execute function 'setDeadline' several times.
Impact
This vulnerability can lead to manipulations by the 'host' in relation to the 'participants'. For example, prevent refund, by setting deadline a lower value.
Recommendations
Set 'deadlineSet' to true after 'deadline' is set.
Also 'setDeadline' should be called from a constructor, as a deployer can probably forget to call it during initialisation at all.
Lead Judging Commences
deadline is never set to true
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.