DatingDapp

First Flight #33
Beginner FriendlyFoundrySolidityNFT
100 EXP
View results
Submission Details
Severity: low
Invalid

Inconsistent Error Handling in MultiSigWallet contract

Summary

The MultiSigWallet contract uses a mix of custom errors and require statements, leading to inconsistent error handling.

Vulnerability Details

Some functions use custom errors (e.g., NotAnOwner, AlreadyApproved), while others use require statements with string messages (e.g., "Invalid transaction ID"). This inconsistency can make the code harder to maintain and debug.

constructor(address _owner1, address _owner2) {
require(_owner1 != address(0) && _owner2 != address(0), "Invalid owner address");
require(_owner1 != _owner2, "Owners must be different");
owner1 = _owner1;
owner2 = _owner2;
}
/// @notice Submit a transaction for approval
function submitTransaction(address _to, uint256 _value) external onlyOwners {
if (_to == address(0)) revert InvalidRecipient();
if (_value == 0) revert InvalidAmount();
transactions.push(Transaction(_to, _value, false, false, false));
uint256 txId = transactions.length - 1;
emit TransactionCreated(txId, _to, _value);
}

Impact

  • Reduced code readability and maintainability.

  • Inconsistent user experience when errors occur.

  • Difficult to handle errors in the frontend when there is no consistency.

Tools Used

  • Manual code review.

Recommendations

Standardize error handling by using custom errors throughout the contract:

Updates

Appeal created

n0kto Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational or Gas

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelyhood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.