DatingDapp

First Flight #33
Tags: Beginner Friendly, Foundry, Solidity, NFT
Submission Details
Severity: high
Valid

Missing Balance Tracking

Summary

Scope: src/LikeRegistry.sol

In the likeUser function, users send ETH (1 ETH minimum), but the contract never updates userBalances[msg.sender].

Vulnerability Details

  1. Missing Balance Tracking:

    • In the likeUser function, users send ETH (1 ETH minimum), but the contract never updates userBalances[msg.sender].

    • The ETH is sent to the contract, but userBalances remains at 0 because there's no code to store the deposited ETH in the user's balance.

  2. matchRewards Relies on Empty Balances:

    • When mutual likes occur, matchRewards reads userBalances[from] and userBalances[to], which are both 0 since the balances were never updated.

    • This leads to totalRewards = 0 + 0 = 0, resulting in zero rewards and fees.

Impact

Because userBalances is never updated, userBalances[x], totalRewards, matchingFees, rewards and totalFees in the matchRewards function are always 0, which breaks the pooled-payment logic of the application.

Tools Used

Remix IDE,
Manual Static Analysis

Recommendations

function likeUser(address liked) external payable {
    require(msg.value >= 1 ether, "Must send at least 1 ETH");
    // ... existing checks ...
    likes[msg.sender][liked] = true;
    emit Liked(msg.sender, liked);
    // Add this line to track the ETH:
    userBalances[msg.sender] += msg.value;
    // ... rest of the code ...
}
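As an added illustration (not the project's code), the Python model below reproduces the accounting flow described under Vulnerability Details and applies the recommended fix from the Recommendations section, so the two can be compared side by side; the 10% matching fee and the assumption that rewards leave the contract on a match are constructed values, since the page does not state them.

```python
# Added model of the likeUser / matchRewards accounting from the finding.
# Not the LikeRegistry.sol source; fee rate and payout destination are assumed.

FEE_BPS = 1000  # assumed 10% matching fee (basis points); not stated on the page
ONE_ETHER = 10**18


class LikeRegistryModel:
    """track_balances=False reproduces the reported bug (deposits never recorded);
    track_balances=True applies the recommended `userBalances[msg.sender] += msg.value`."""

    def __init__(self, track_balances: bool):
        self.track_balances = track_balances
        self.likes = {}            # (from, to) -> True, mirrors likes[from][to]
        self.user_balances = {}    # address -> wei, mirrors userBalances
        self.contract_eth = 0      # wei the contract actually holds
        self.total_fees = 0        # mirrors totalFees
        self.last_match = None     # (totalRewards, matchingFees, rewards) of the last match

    def like_user(self, sender: str, liked: str, value_wei: int) -> None:
        if value_wei < ONE_ETHER:
            raise ValueError("Must send at least 1 ETH")
        self.contract_eth += value_wei              # ETH arrives whether or not it is tracked
        if self.track_balances:                     # the line the finding says is missing
            self.user_balances[sender] = self.user_balances.get(sender, 0) + value_wei
        self.likes[(sender, liked)] = True
        if self.likes.get((liked, sender)):         # mutual like triggers matchRewards
            self.last_match = self.match_rewards(sender, liked)

    def match_rewards(self, a: str, b: str):
        total_rewards = self.user_balances.get(a, 0) + self.user_balances.get(b, 0)
        matching_fees = total_rewards * FEE_BPS // 10_000
        rewards = total_rewards - matching_fees
        self.user_balances[a] = 0                   # pooled deposits are consumed by the match
        self.user_balances[b] = 0
        self.total_fees += matching_fees
        self.contract_eth -= rewards                # assumed: rewards are paid out of the contract
        return total_rewards, matching_fees, rewards

    def untracked_eth(self) -> int:
        """Invariant check: ETH held that no userBalances entry or collected fee accounts for.
        A non-zero result means deposits are stuck outside the contract's own bookkeeping."""
        return self.contract_eth - (sum(self.user_balances.values()) + self.total_fees)


def demo(track_balances: bool) -> dict:
    reg = LikeRegistryModel(track_balances)
    reg.like_user("alice", "bob", ONE_ETHER)    # constructed addresses and deposits
    reg.like_user("bob", "alice", ONE_ETHER)    # second like completes the match
    total, fees, rewards = reg.last_match
    return {"totalRewards": total, "matchingFees": fees, "rewards": rewards,
            "untracked_eth": reg.untracked_eth()}
```

With tracking disabled the match computes 0/0/0 while 2 ETH sits untracked in the contract; with the fix applied the full 2 ETH is split into fee and reward and the untracked amount drops to zero.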
Updates

Appeal created

n0kto Lead Judge 3 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding_likeUser_no_userBalances_updated

Likelihood: High, always. Impact: High, loss of funds
