DatingDapp

First Flight #33
Beginner Friendly, Foundry, Solidity, NFT
100 EXP
Submission Details
Severity: medium
Valid

A user blocked by the admin loses any balance they hold in the contract: blockProfile() deletes the profile without refunding, so the funds are stuck forever.

Summary

When the owner blocks a user, blockProfile() burns the profile NFT and deletes the profileToToken and _profiles entries without checking whether that user still has an outstanding balance (userBalances) in the contract, and without returning it. The balance therefore stays locked in the contract. Because the profile mapping is deleted, nobody else can like the blocked user any more, so the match path that would otherwise create the multisig wallet and move those funds can never be triggered. The two deletions that cause this are marked below.

    function blockProfile(address blockAddress) external onlyOwner {
        uint256 tokenId = profileToToken[blockAddress];
        require(tokenId != 0, "No profile found");
        _burn(tokenId);
        delete profileToToken[blockAddress]; // <-- profile removed, but userBalances[blockAddress] is never checked or refunded
        delete _profiles[tokenId];           // <-- nobody can like this address again, so the balance can never reach a multisig
        emit ProfileBurned(blockAddress, tokenId);
    }

Vulnerability Details

The blockProfile() function deletes the user without checking whether that user has an outstanding balance in the contract. Deleting the profile while a balance is still recorded leaves that balance stuck in the contract forever: neither the blocked user nor the contract owner has any function that can withdraw it. After `delete profileToToken[blockAddress];` and `delete _profiles[tokenId];` other users can no longer like the blocked address, so no match can occur, the multisig wallet that would receive the funds on a match is never created, and the blocked user's balance remains locked.

    function blockProfile(address blockAddress) external onlyOwner {
        uint256 tokenId = profileToToken[blockAddress];
        require(tokenId != 0, "No profile found");
        _burn(tokenId);
        delete profileToToken[blockAddress];
        delete _profiles[tokenId];
        emit ProfileBurned(blockAddress, tokenId);
    }

Impact

  1. Blocked users' balances become unrecoverable (loss of funds).

  2. Users may lose trust in the platform due to unfair fund losses and blocked interactions.

Recommendations

Before the profile mappings are deleted in blockProfile(), read the user's balance, zero it, and return it. The function should also carry a reentrancy guard modifier (for example OpenZeppelin's nonReentrant), since it now makes an external call:

    uint256 userBalance = userBalances[blockAddress];
    if (userBalance > 0) {
        userBalances[blockAddress] = 0; // zero the balance before the external call (checks-effects-interactions)
        (bool success, ) = payable(blockAddress).call{value: userBalance}("");
        require(success, "Failed to return balance");
    }

One caveat a reviewer would raise with this push-style refund: a blocked address is, by definition, an address the admin distrusts. If it is a contract whose receive() reverts, the require(success) above makes blockProfile() revert too, so the admin can no longer block that user. A pull pattern (credit the amount to a pending-refund mapping inside blockProfile() and let the blocked user withdraw it later) avoids that denial-of-service while still returning the funds.
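The following is an added example, not code from the DatingDapp repository, illustrating both the failure mode described under Vulnerability Details and the pull-based refund suggested above. It collapses profile and balance bookkeeping into one minimal contract (the real project splits them and burns an ERC721, which is omitted here), and the names ProfileBalanceExample, deposit(), pendingRefunds and withdrawRefund() are assumptions made for this illustration. It assumes OpenZeppelin v5 and forge-std.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

/// Illustration only (not the DatingDapp contracts): a profile registry that also holds
/// the ETH users paid in, with a blockProfile() that refunds via a pull pattern.
contract ProfileBalanceExample is Ownable, ReentrancyGuard {
    mapping(address => uint256) public profileToToken;
    mapping(address => uint256) public userBalances;   // ETH paid in while liking (stand-in)
    mapping(address => uint256) public pendingRefunds; // credited on block, withdrawn by the user

    uint256 private _nextTokenId = 1;

    event ProfileBurned(address indexed user, uint256 tokenId);
    event RefundCredited(address indexed user, uint256 amount);

    constructor() Ownable(msg.sender) {}

    function mintProfile() external {
        require(profileToToken[msg.sender] == 0, "Profile exists");
        profileToToken[msg.sender] = _nextTokenId++;
    }

    /// Stand-in for the payment that accumulates in userBalances when a user likes someone.
    function deposit() external payable {
        require(profileToToken[msg.sender] != 0, "No profile");
        userBalances[msg.sender] += msg.value;
    }

    /// Hardened blockProfile(): the balance is moved to pendingRefunds before the profile
    /// is deleted. No external call happens here, so a receiver that reverts cannot stop
    /// the admin from blocking it; the user collects the refund through withdrawRefund().
    function blockProfile(address blockAddress) external onlyOwner {
        uint256 tokenId = profileToToken[blockAddress];
        require(tokenId != 0, "No profile found");

        uint256 bal = userBalances[blockAddress];
        if (bal > 0) {
            userBalances[blockAddress] = 0;
            pendingRefunds[blockAddress] += bal;
            emit RefundCredited(blockAddress, bal);
        }

        delete profileToToken[blockAddress];
        emit ProfileBurned(blockAddress, tokenId);
    }

    /// Pull side of the refund: effects before interaction, guarded against reentrancy.
    function withdrawRefund() external nonReentrant {
        uint256 amount = pendingRefunds[msg.sender];
        require(amount > 0, "Nothing to withdraw");
        pendingRefunds[msg.sender] = 0;
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "Refund transfer failed");
    }
}

/// Foundry test: a user who paid in and is then blocked gets their ETH back.
contract BlockRefundTest is Test {
    ProfileBalanceExample dapp;
    address owner = makeAddr("owner");
    address alice = makeAddr("alice");

    function setUp() public {
        vm.prank(owner);
        dapp = new ProfileBalanceExample();
        vm.deal(alice, 2 ether);
    }

    function testBlockedUserCanRecoverBalance() public {
        vm.startPrank(alice);
        dapp.mintProfile();
        dapp.deposit{value: 1 ether}();
        vm.stopPrank();

        vm.prank(owner);
        dapp.blockProfile(alice);

        // With the original code the 1 ether would stay in userBalances with no way out;
        // here it has been credited as a refund and the profile is gone.
        assertEq(dapp.userBalances(alice), 0);
        assertEq(dapp.pendingRefunds(alice), 1 ether);
        assertEq(dapp.profileToToken(alice), 0);

        vm.prank(alice);
        dapp.withdrawRefund();
        assertEq(alice.balance, 2 ether);
        assertEq(address(dapp).balance, 0);
    }
}
```

Run with `forge test --match-contract BlockRefundTest -vv`. The point of the pull pattern is that blockProfile() stays an owner-only state change with no untrusted external call in it, so a hostile blocked address cannot hold the block action hostage, while the funds remain recoverable by their owner.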
Updates

Appeal created

n0kto Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding_blocking_or_burning_no_refund_balances_or_multisig

Likelihood: Low, burning with money in it would be a user mistake, and being blocked is Low. Impact: High, loss of funds
