DatingDapp

First Flight #33
Beginner Friendly, Foundry, Solidity, NFT
100 EXP
Submission Details
Severity: low
Invalid

No Handling for Failed Transfers

Summary

LikeRegistry.sol::withdrawFees No Handling for Failed Transfers

If payable(owner()).call{value: totalFeesToWithdraw}("") fails, the function reverts.

Vulnerability Details

If payable(owner()).call{value: totalFeesToWithdraw}("") fails, the function reverts and funds may be lost.

Impact

The fees remain in the contract, but totalFees is already set to 0. This means:

Funds may be lost if the function is called again before fixing the issue.

Owner has no fallback option to retry the withdrawal.

Tools Used

Manual Review

Recommendations

Use a fallback mechanism instead of resetting totalFees immediately.

function withdrawFees() external onlyOwner {
    require(totalFees > 0, "No fees to withdraw");
    uint256 totalFeesToWithdraw = totalFees;
    (bool success, ) = payable(owner()).call{value: totalFeesToWithdraw}("");
    if (success) {
        totalFees = 0; // Reset only if successful
    } else {
        revert("Transfer failed");
    }
}
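
A Foundry test, added here as an illustration and not taken from the submission or the DatingDapp code base, that exercises the failure path discussed above: a revert undoes every state change made in the same call, so a reset of totalFees placed before the failed transfer is rolled back with it. FeeVault and RejectingOwner are constructed stand-ins, and the reset-before-call ordering is an assumption drawn from the Impact section.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

import {Test} from "forge-std/Test.sol";

// Constructed stand-in for the fee logic the report describes; not the DatingDapp source.
contract FeeVault {
    address public owner;
    uint256 public totalFees;

    constructor(address _owner) { owner = _owner; }

    // Every deposit is booked as a fee to keep the stand-in small.
    receive() external payable { totalFees += msg.value; }

    function withdrawFees() external {
        require(msg.sender == owner, "Not owner");
        require(totalFees > 0, "No fees to withdraw");
        uint256 totalFeesToWithdraw = totalFees;
        totalFees = 0; // assumed ordering: reset before the external call
        (bool success, ) = payable(owner).call{value: totalFeesToWithdraw}("");
        require(success, "Transfer failed");
    }
}

// Hypothetical owner contract with no receive/fallback, so ETH sent to it is rejected.
contract RejectingOwner {
    function pull(FeeVault vault) external { vault.withdrawFees(); }
}

contract WithdrawFeesRevertTest is Test {
    function test_FailedTransferRollsBackTotalFees() public {
        RejectingOwner badOwner = new RejectingOwner();
        FeeVault vault = new FeeVault(address(badOwner));

        vm.deal(address(this), 1 ether);
        (bool funded, ) = address(vault).call{value: 1 ether}("");
        assertTrue(funded);
        assertEq(vault.totalFees(), 1 ether);

        vm.expectRevert(bytes("Transfer failed"));
        badOwner.pull(vault);

        // The revert undid `totalFees = 0`: accounting and balance still agree.
        assertEq(vault.totalFees(), 1 ether);
        assertEq(address(vault).balance, 1 ether);
    }
}
```
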
Updates

Appeal created

n0kto Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Admin is trusted

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
