Submission Details
Severity:
`LikeRegistry::matchRewards` called only once can be inlined
Summary
The LikeRegistry::matchRewards function marked as internal was only called once by likeUser in the contract
function likeUser(address liked) external payable {
require(msg.value >= 1 ether, "Must send at least 1 ETH");
require(!likes[msg.sender][liked], "Already liked");
require(msg.sender != liked, "Cannot like yourself");
require(profileNFT.profileToToken(msg.sender) != 0, "Must have a profile NFT");
require(profileNFT.profileToToken(liked) != 0, "Liked user must have a profile NFT");
//@audit - not keeping track of the amount deposited into the contract
likes[msg.sender][liked] = true;
emit Liked(msg.sender, liked);
//@audit - update state to reflect contract balance
// userBalances[msg.sender] += msg.value;
// Check if mutual like
if (likes[liked][msg.sender]) {
matches[msg.sender].push(liked);
matches[liked].push(msg.sender);
emit Matched(msg.sender, liked);
@ matchRewards(liked, msg.sender);
}
}
Vulnerability Details
Impact
Reducing the number of function calls in a contract helps save gas
Tools Used
Manual review
Recommendations
Consider inlining the logic into likeUser function. This can reduce the number of function calls and improve readability.
Updates
Appeal created
n0kto 5 months ago
Submission Judgement Published Reason: Non-acceptable severity
Assigned finding tags:
Informational or Gas
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelyhood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Rewards breakdown
nSLOC
197This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.