Submission Details
Severity:
ETH payer can not be participant. As `recieve` function is not updating the participants list.
Summary:
`ChristmasDinner::recieve` function is not updating participants list for that users who pays ETH to participate in dinner. The Reecieve function is not following doccumentation, as it is not handling user signup properly.
```javascript
receive() external payable {
@> etherBalance[msg.sender] += msg.value;
emit NewSignup(msg.sender, msg.value, true);
}
```
Impact:
ETH payer will assume that thay are not participants, will pay ETh again and again to participate.
Proof of concept:
Add this to `ChristmasDinnerTest.t.sol`.
Code:
```javascript
function testRecieveFunctionDoesNotUpdatingParticipants() public {
address participant = makeAddr("User");
vm.deal(participant, 10e18);
vm.prank(participant);
(bool sent, ) = address(cd).call{value: 1e18}("");
require(sent);
assertEq(cd.getParticipationStatus(participant), false);
}
```
Recommendations:
The `recieve` function shold be like mentioned below.
```diff
receive() external payable {
+ participant[msg.sender] = true;
etherBalance[msg.sender] += msg.value;
emit NewSignup(msg.sender, msg.value, true);
}
```
Updates
Lead Judging Commences
0xtimefliez 11 months ago
Submission Judgement Published Assigned finding tags:
receive does not update participation status
Rewards breakdown
nSLOC
129This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.