Core Contracts

Regnum Aurum Acquisition Corp

HardhatReal World AssetsNFT

77,280 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

State Update Without Emitting an Event in `FeeCollector::applyRepairFundUpdate`

auditbyte

Summary

The applyRepairFundUpdate function updates the repairFund state variable but does not emit an event to log this change. This omission makes it difficult to track state changes off-chain, reducing transparency and auditability of the protocol.

Vulnerability Details

function applyRepairFundUpdate() external {

if (pendingRepairFund.newAddress == address(0)) revert InvalidAddress();

if (block.timestamp < pendingRepairFund.effectiveTime) revert UnauthorizedCaller();

repairFund = pendingRepairFund.newAddress;

delete pendingRepairFund;

}

The function updates the repairFund state variable but does not emit an event to log this change. Events are critical for off-chain monitoring, auditing, and transparency, as they provide a record of state changes on the blockchain.

Impact

Off-chain systems and users cannot easily track changes to the repairFund address, making it harder to monitor the protocol's state.

Tools Used

Manual code review

Recommendations

To address this issue, emit an event when the repairFund state variable is updated. Define an event (if not already defined) and emit it after updating the state. Update the function as follows:

// Define an event to log repair fund updates

+ event RepairFundUpdated(address indexed newRepairFund);

function applyRepairFundUpdate() external {

if (pendingRepairFund.newAddress == address(0)) revert InvalidAddress();

if (block.timestamp < pendingRepairFund.effectiveTime) revert UnauthorizedCaller();

repairFund = pendingRepairFund.newAddress;

delete pendingRepairFund;

// Emit an event to log the update

+ emit RepairFundUpdated(repairFund);

}

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

77,280 USDC

nSLOC

3,864

20 USDC / LOC

High Medium

74,000

Low

3,280

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.