DatingDapp
First Flight #33
Beginner FriendlyFoundrySolidityNFT
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

Self-approval in DatingDapp Multisig creates undesirable social dynamics in MultiSig

kweks

Description: The current multisig design allows users to submit transactions and approve them in the same block. While this doesn't bypass the security requirement of dual signatures, it undermines the social dynamics of a dating platform by enabling pushy financial behavior before any meaningful interaction.

Impact: Medium

  • Does not compromise security as both signatures are still required

  • Creates negative social patterns in early dating stages

  • Undermines platform's goal of fostering genuine connections

  • May attract users more interested in quick access to pooled funds than dating

  • Sets poor precedent for financial communication in potential relationships

Proof of Code:

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
import "forge-std/Test.sol";
import "../src/MultiSig.sol";
contract MultiSigWalletTest is Test {
MultiSigWallet public wallet;
address public owner1;
address public owner2;
address public recipient;
event TransactionCreated(uint256 indexed txId, address indexed to, uint256 value);
event TransactionApproved(uint256 indexed txId, address indexed owner);
function setUp() public {
owner1 = makeAddr("owner1");
owner2 = makeAddr("owner2");
recipient = makeAddr("recipient");
// Deploy wallet with both owners
wallet = new MultiSigWallet(owner1, owner2);
// Fund the wallet
vm.deal(address(wallet), 10 ether);
}
function testSelfApproval() public {
// Owner1 submits a transaction
vm.startPrank(owner1);
vm.expectEmit(true, true, false, true);
emit TransactionCreated(0, recipient, 1 ether);
wallet.submitTransaction(recipient, 1 ether);
// Owner1 can approve their own transaction
vm.expectEmit(true, true, false, true);
emit TransactionApproved(0, owner1);
wallet.approveTransaction(0);
// Verify owner1's approval was recorded
(,, bool approvedByOwner1,,) = wallet.transactions(0);
assertTrue(approvedByOwner1, "Owner1's approval should be recorded");
vm.stopPrank();
// Now owner2 approves and transaction can be executed
vm.startPrank(owner2);
wallet.approveTransaction(0);
wallet.executeTransaction(0);
vm.stopPrank();
// Verify funds were sent
assertEq(recipient.balance, 1 ether, "Transaction should be executed");
}

Proof of Concept:

  1. Alice and Bob match on DatingDapp, each having put in 1 ETH

  2. Their shared multisig is created with 1.8 ETH (after platform fee)

  3. Within minutes of matching, before any conversation:

    • Alice submits a transaction to spend 1 ETH at a restaurant

    • In the same block, Alice approves her own transaction

  4. Bob receives notification that a transaction is pending his approval

  5. Bob feels pressured to approve or risk appearing disinterested

  6. This financial pressure occurs before any meaningful connection is established

Recommended Mitigation:
Add a transaction cool-down period for new matches:

require(msg.sender != txn.proposer, "Cannot self-approve transactions");

Alternative design considerations:

  1. Implement a time-lock between transaction submission and first approval

  2. Require off-chain chat interaction before enabling transaction submission

  3. Start with smaller unlocked amounts that increase with interaction time

  4. Add platform-verified date venues to prevent misuse of funds

These changes would better align with the platform's stated goal of "meaningful, on-chain commitment" while maintaining security.

Updates

Appeal created

n0kto Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational or Gas

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelyhood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.