DatingDapp

First Flight #33
Tags: Beginner Friendly, Foundry, Solidity, NFT
Submission Details
Severity: high
Valid

Multisig wallet receives no funds, so a matched couple cannot spend anything on their 'Date'.

Description:

LikeRegistry::likeUser() accepts msg.value (at least 1 ETH per like) but never records it in the state variable LikeRegistry::userBalances, so every user's tracked balance stays at zero.

LikeRegistry::matchRewards() reads userBalances for both matched users to compute the amount forwarded to the freshly deployed MultiSigWallet.

As a result, 0 ether is sent to the multisig wallet, while the ETH both users paid into likeUser() remains in the LikeRegistry contract.

Impact:

The matched couple cannot spend any funds from their multisig wallet, because the wallet is deployed with a zero balance; the ETH both users paid to like each other stays in LikeRegistry instead of reaching them.

Proof of Concept:

In LikeRegistry.sol, add a public state variable that records the address of the most recently deployed multisig, so the test can locate it:

contract LikeRegistry is Ownable {
    // Variable to keep track of the multisig wallet
    address public multisig;
    ...
    function matchRewards(address from, address to) internal {
        ...
        // Deploy a MultiSig contract for the matched users
        MultiSigWallet multiSigWallet = new MultiSigWallet(from, to);
        // Save the address of the multisig wallet
+ @>    multisig = address(multiSigWallet);
        ...
    }
}

Then create test/testMultiSig.t.sol with the following test and run it with:

forge test --mt testBalanceOfMultiSig -vv

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

import "forge-std/Test.sol";
import "../src/MultiSig.sol";
import "../src/SoulboundProfileNFT.sol";
import "../src/LikeRegistry.sol";

contract TestMultisig is Test {
    MultiSigWallet multiSig;
    SoulboundProfileNFT soulboundNFT;
    LikeRegistry likeRegistry;

    address Alice = address(0x123);
    address Bob = address(0x456);
    address owner = makeAddr("owner"); // deployer and owner of both contracts

    function setUp() public {
        vm.prank(owner);
        soulboundNFT = new SoulboundProfileNFT();
        vm.prank(owner);
        likeRegistry = new LikeRegistry(address(soulboundNFT));
    }

    function testBalanceOfMultiSig() public {
        // Both users need a profile NFT before they can like anyone
        vm.prank(Alice);
        soulboundNFT.mintProfile("Alice", 25, "ipfs://profileImage");
        vm.prank(Bob);
        soulboundNFT.mintProfile("Bob", 25, "ipfs://profileImage");

        vm.deal(Alice, 10 ether);
        vm.deal(Bob, 10 ether);

        // Alice likes Bob, paying the 1 ETH like fee
        vm.prank(Alice);
        (bool success,) = address(likeRegistry).call{value: 1 ether}(abi.encodeWithSignature("likeUser(address)", Bob));
        assertTrue(success, "Alice's like reverted");

        // Bob likes Alice back: mutual like, so matchRewards() deploys a multisig
        vm.prank(Bob);
        (bool success2,) = address(likeRegistry).call{value: 1 ether}(abi.encodeWithSignature("likeUser(address)", Alice));
        assertTrue(success2, "Bob's like reverted");

        // The multisig exists but holds nothing, because userBalances was never credited
        assertEq(address(likeRegistry.multisig()).balance, 0);
        console.log(address(likeRegistry.multisig()).balance);
    }
}

/**
 * Ran 1 test for test/testMultiSig.t.sol:TestMultisig
 * [PASS] testBalanceOfMultiSig() (gas: 1442484)
 * Logs:
 *   0
 *
 * Suite result: ok. 1 passed; 0 failed; 0 skipped; finished in 3.16ms (807.30µs CPU time)
 */

Recommended Mitigation:

In LikeRegistry.sol, credit msg.value to the caller's balance in likeUser(). The credit must be applied before the mutual-like check: matchRewards() reads and zeroes userBalances for both users, so if the credit were applied after the check, the ETH paid by the second liker would be recorded only after matchRewards() has already run and would never be forwarded to the multisig.

function likeUser(address liked) external payable {
    ...
    // Record the ETH paid by msg.sender before a match can consume it
+ @> userBalances[msg.sender] += msg.value;

    if (likes[liked][msg.sender]) {
        matches[msg.sender].push(liked);
        matches[liked].push(msg.sender);
        emit Matched(msg.sender, liked);
        matchRewards(liked, msg.sender);
    }
}
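The following Foundry test is an added regression test for the fix above; it is not part of the submission or of the DatingDapp project. It assumes the source paths used in the PoC, that userBalances has a public getter, and the forge-std cheatcodes vm.getNonce and vm.computeCreateAddress, which let the test predict the multisig address without instrumenting LikeRegistry. It fails on the unpatched contract (the multisig receives nothing) and also fails if the credit is placed after the match check (the second liker's ETH is stranded in userBalances).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

import "forge-std/Test.sol";
import "../src/SoulboundProfileNFT.sol";
import "../src/LikeRegistry.sol";

// Added example, not project code. Assumptions: src paths as in the PoC,
// a public userBalances(address) getter, and forge-std's vm.getNonce /
// vm.computeCreateAddress cheatcodes for predicting the CREATE address.
contract LikeRegistryFundsFlowTest is Test {
    SoulboundProfileNFT soulboundNFT;
    LikeRegistry likeRegistry;

    address alice = makeAddr("alice");
    address bob = makeAddr("bob");
    address owner = makeAddr("owner");

    function setUp() public {
        vm.startPrank(owner);
        soulboundNFT = new SoulboundProfileNFT();
        likeRegistry = new LikeRegistry(address(soulboundNFT));
        vm.stopPrank();

        // Both users need a profile NFT before likeUser() accepts them
        vm.prank(alice);
        soulboundNFT.mintProfile("Alice", 25, "ipfs://profileImage");
        vm.prank(bob);
        soulboundNFT.mintProfile("Bob", 25, "ipfs://profileImage");

        vm.deal(alice, 10 ether);
        vm.deal(bob, 10 ether);
    }

    function testSingleLikeIsCreditedNotForwarded() public {
        vm.prank(alice);
        likeRegistry.likeUser{value: 1 ether}(bob);

        // No match yet: the ETH is held in the registry and credited to Alice
        assertEq(likeRegistry.userBalances(alice), 1 ether);
        assertEq(address(likeRegistry).balance, 1 ether);
    }

    function testMatchForwardsBothBalancesToMultisig() public {
        vm.prank(alice);
        likeRegistry.likeUser{value: 1 ether}(bob);

        // matchRewards() deploys the multisig with CREATE from the registry,
        // so its address follows from the registry's current nonce
        address multisig = vm.computeCreateAddress(address(likeRegistry), vm.getNonce(address(likeRegistry)));

        vm.prank(bob);
        likeRegistry.likeUser{value: 1 ether}(alice);

        // A real contract was deployed there and it received a non-zero share of the 2 ETH
        assertGt(multisig.code.length, 0, "multisig not deployed at predicted address");
        assertGt(multisig.balance, 0, "multisig received nothing: userBalances not credited");

        // Conservation: every wei the users paid is either in the multisig or
        // retained by the registry; nothing was lost
        assertEq(multisig.balance + address(likeRegistry).balance, 2 ether);

        // Both balances are consumed by matchRewards(). This is the check that
        // fails when the credit is placed after the match check: Bob's 1 ETH
        // would then be recorded only after matchRewards() ran and stay stranded
        assertEq(likeRegistry.userBalances(alice), 0);
        assertEq(likeRegistry.userBalances(bob), 0);
    }
}
```

Run with forge test --mc LikeRegistryFundsFlowTest -vv. The conservation assertion is deliberately written as a sum rather than a hard-coded reward amount, so it stays valid whatever fee percentage matchRewards() deducts.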
Updates

Appeal created

n0kto Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding_likeUser_no_userBalances_updated

Likelihood: High, always. Impact: High, loss of funds
