DatingDapp

First Flight #33
Tags: Beginner Friendly, Foundry, Solidity, NFT
100 EXP
Submission Details
Severity: high
Valid

ETH sent with likeUser is not recorded in userBalances

Summary

The ETH a user sends with the likeUser call is never credited to userBalances. Because the payout on a match is computed from userBalances, two users who match receive nothing in their MultiSig, and the ETH they paid stays in the protocol with no path to recover it.

PoC

```solidity
// Foundry test fragment; assumes the usual setUp() with soulboundNFT,
// likeRegistry and the alice/bob/carol test addresses already in scope.
modifier mintNfts() {
    // Each user gets 3 ether and mints a profile NFT, which likeUser requires.
    vm.deal(alice, 3 ether);
    vm.prank(alice);
    soulboundNFT.mintProfile("Alice", 25, "ipfs://profileImage");
    vm.deal(bob, 3 ether);
    vm.prank(bob);
    soulboundNFT.mintProfile("Bob", 25, "ipfs://profileImage");
    vm.deal(carol, 3 ether);
    vm.prank(carol);
    soulboundNFT.mintProfile("Carol", 25, "ipfs://profileImage");
    _;
}

function test_poc_notCountingEth() public mintNfts {
    // Alice and Bob each pay 1 ether to like the other, which produces a match.
    vm.prank(alice);
    likeRegistry.likeUser{value: 1 ether}(bob);
    vm.prank(bob);
    likeRegistry.likeUser{value: 1 ether}(alice);
    // Hardcoded address of the MultiSig created for the match in this test
    // setup (precomputed by the author; it depends on the deployer and nonce).
    console.log("Ether in MultiSig:", address(0xffD4505B3452Dc22f8473616d50503bA9E1710Ac).balance);
    // Prints 0 ETH in the multiSig: the 2 ether paid never left likeRegistry.
}
```

Impact

High: it defeats the core purpose of the contract (rewarding matched users with the ETH they deposited) and causes loss of funds for every user who pays to like someone.

Tools Used

Manual review

Recommendations

Add this line after the checks in the likeUser function, so the deposit is credited to the sender and can be paid out on a match:

```solidity
userBalances[msg.sender] += msg.value;
```
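To make the effect of that one line concrete, below is a minimal sketch of the accounting path, written for this report and not taken from the DatingDapp source. It keeps only likeUser, userBalances and the match payout; the real profile checks, fee handling and MultiSigWallet deployment are omitted, and the names MIN_LIKE, PairWallet, lastWallet and _settleMatch are assumptions. The vulnerable and fixed likeUser sit side by side and share the same payout code, so the only difference in outcome is whether msg.value was credited.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Stand-in for the per-match MultiSig: it only needs to receive ETH here.
// Hypothetical helper for this example, not the project's MultiSigWallet.
contract PairWallet {
    address public immutable ownerA;
    address public immutable ownerB;

    constructor(address a, address b) payable {
        ownerA = a;
        ownerB = b;
    }

    receive() external payable {}
}

// Illustrative registry (not the DatingDapp contract) showing the bug and the fix.
contract LikeRegistrySketch {
    uint256 public constant MIN_LIKE = 1 ether; // assumed minimum deposit per like

    mapping(address => mapping(address => bool)) public likes;
    mapping(address => uint256) public userBalances;
    address public lastWallet; // wallet created by the most recent match, for inspection

    event Matched(address indexed a, address indexed b, address wallet, uint256 pooled);

    // Vulnerable shape described in the finding: the ETH is accepted but never
    // credited, so the shared payout below pools 0 and the deposit stays here.
    function likeUserVulnerable(address liked) external payable {
        require(msg.value >= MIN_LIKE, "Must send at least 1 ETH");
        require(msg.sender != liked, "Cannot like yourself");
        require(!likes[msg.sender][liked], "Already liked");
        likes[msg.sender][liked] = true;
        if (likes[liked][msg.sender]) _settleMatch(msg.sender, liked);
    }

    // Fixed: identical checks, plus the one line the recommendation adds.
    function likeUser(address liked) external payable {
        require(msg.value >= MIN_LIKE, "Must send at least 1 ETH");
        require(msg.sender != liked, "Cannot like yourself");
        require(!likes[msg.sender][liked], "Already liked");
        userBalances[msg.sender] += msg.value; // the missing credit
        likes[msg.sender][liked] = true;
        if (likes[liked][msg.sender]) _settleMatch(msg.sender, liked);
    }

    // Pools both users' recorded balances and funds a fresh wallet for the pair.
    // Balances are zeroed before the value transfer (checks-effects-interactions),
    // so a reentrant call cannot pool the same deposit twice.
    function _settleMatch(address a, address b) internal {
        uint256 pooled = userBalances[a] + userBalances[b];
        userBalances[a] = 0;
        userBalances[b] = 0;
        PairWallet wallet = new PairWallet{value: pooled}(a, b);
        lastWallet = address(wallet);
        emit Matched(a, b, address(wallet), pooled);
    }
}
```

In a Foundry test against this sketch, two users each calling likeUser with 1 ether leave lastWallet holding 2 ether and the registry holding 0; doing the same through likeUserVulnerable leaves lastWallet at 0 and the 2 ether sitting in the registry with no function able to move it, which is exactly what the PoC's console.log shows for the real contract.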
Updates

Appeal created

n0kto Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding_likeUser_no_userBalances_updated

Likelihood: High, always. Impact: High, loss of funds
