Unused `Like` Struct limits Contract's intended capabilities
Summary
The Like struct is defined but never utilized in the contract, leading to incomplete functionality or potential loss of intended features.
Vulnerability Details
The Like struct is defined as follows:
However, this struct is never used in the contract. Instead, the likes mapping uses a bool to track whether a user has liked another user:
This means that the additional data (e.g., timestamp) stored in the Like struct is not being utilized, and the contract is not tracking when a like occurred.
Impact
Loss of functionality: The contract cannot track when a like occurred, which could be useful for analytics, rewards, or other features.
Incomplete implementation: The
Likestruct may have been intended to store additional data, but its absence limits the contract's capabilities.Potential confusion: The presence of an unused struct may indicate incomplete development or a bug.
Tools Used
Manual code review.
Recommendations
Update the contract to use the Like struct for tracking likes and update the likeUser function to store the relevant data:
Appeal created
Informational or Gas
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelyhood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.