DatingDapp

First Flight #33
Beginner Friendly, Foundry, Solidity, NFT
100 EXP
Submission Details
Severity: high
Valid

Reward is always set to 0, no reward can be received

Summary

Initially, because the values for userBalances[from] and userBalances[to] are not set, they default to 0. As a result, the reward calculation always returns 0, and no one receives any rewards.

Vulnerability Details

function matchRewards(address from, address to) internal {
    uint256 matchUserOne = userBalances[from]; // 0
    uint256 matchUserTwo = userBalances[to]; // 0
    userBalances[from] = 0;
    userBalances[to] = 0;
    uint256 totalRewards = matchUserOne + matchUserTwo; // 0 + 0 = 0
    uint256 matchingFees = (totalRewards * FIXEDFEE) / 100; // (0 * 10) / 100 = 0
    uint256 rewards = totalRewards - matchingFees; // 0 - 0 = 0
    totalFees += matchingFees;
    // Deploy a MultiSig contract for the matched users
    MultiSigWallet multiSigWallet = new MultiSigWallet(from, to);
    // Send ETH to the deployed multisig wallet
    (bool success,) = payable(address(multiSigWallet)).call{value: rewards}(""); // send 0 eth
    require(success, "Transfer failed");
}

Within the likeUser() function, a user deposits 1 ether into the contract, but since the userBalances are never updated, they always remain at 0. Consequently, during matching, the reward calculation always results in 0 ether being transferred.

Impact

Because balances are never updated, every match pays out 0 ether and the rewards are lost.

Recommendations

Update userBalances for the sender in likeUser() when a user deposits 1 ether.
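One way to apply this recommendation, as an added sketch that is not the project's code: likeUser() credits the deposit before the match check, so matchRewards() has a non-zero total to pay out. The names LikeRegistrySketch, MultiSigWalletStub, the likes mapping, the Matched event and the require checks are assumptions; userBalances, FIXEDFEE, totalFees and matchRewards follow the snippet above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Constructed stand-in for the project's MultiSigWallet: it only needs to accept ETH here.
contract MultiSigWalletStub {
    address public immutable owner1;
    address public immutable owner2;
    constructor(address a, address b) { owner1 = a; owner2 = b; }
    receive() external payable {}
}

// Hypothetical reduction of the registry; only the accounting path is modelled.
contract LikeRegistrySketch {
    uint256 public constant FIXEDFEE = 10; // percent, as in the finding's comments
    uint256 public totalFees;
    mapping(address => uint256) public userBalances;
    mapping(address => mapping(address => bool)) public likes; // assumed like-tracking

    event Matched(address indexed from, address indexed to, address wallet, uint256 rewards);

    function likeUser(address liked) external payable {
        require(msg.value == 1 ether, "Must send 1 ETH"); // assumed deposit check
        require(liked != address(0) && liked != msg.sender, "Invalid target");
        require(!likes[msg.sender][liked], "Already liked");
        likes[msg.sender][liked] = true;
        // The fix: record the deposit so matchRewards has a balance to distribute.
        userBalances[msg.sender] += msg.value;
        if (likes[liked][msg.sender]) {
            matchRewards(liked, msg.sender);
        }
    }

    function matchRewards(address from, address to) internal {
        uint256 totalRewards = userBalances[from] + userBalances[to]; // 2 ether after two likes
        userBalances[from] = 0; // zeroed before the external call
        userBalances[to] = 0;
        uint256 matchingFees = (totalRewards * FIXEDFEE) / 100; // 0.2 ether
        uint256 rewards = totalRewards - matchingFees; // 1.8 ether
        totalFees += matchingFees;
        MultiSigWalletStub wallet = new MultiSigWalletStub(from, to);
        (bool success,) = payable(address(wallet)).call{value: rewards}("");
        require(success, "Transfer failed");
        emit Matched(from, to, address(wallet), rewards);
    }
}
```

A regression test for the finding would have two accounts like each other with 1 ether each, then assert that the deployed wallet holds 1.8 ether and totalFees equals 0.2 ether.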

Updates

Appeal created

n0kto Lead Judge 5 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding_likeUser_no_userBalances_updated

Likelihood: High, always. Impact: High, loss of funds
