RustFund

First Flight #36
Beginner Friendly, Rust
100 EXP
Submission Details
Severity: high
Valid

The creator can withdraw the raised funds at any time without meeting any condition.

Summary

The `withdraw` instruction lets the fund's creator take the raised lamports at any time; it never checks whether the funding goal has been reached.

Vulnerability Details

  1. The creator initializes a fund with a goal of 1,000 SOL.

  2. As soon as contributors have deposited 10 SOL, the creator calls `withdraw`.

  3. The program transfers the 10 SOL to the creator's account; nothing compares `amount_raised` against `goal` before the transfer.

Impact

A malicious creator can abscond with partial contributions at any point, which breaks the basic promise of the crowdfunding model: contributors expect their money to be released to the creator only if the campaign succeeds.

Tools Used

Manual Review

Recommendations

Add a check so that funds can only be withdrawn once the fund's goal has been reached, for example:

    pub fn withdraw(ctx: Context<FundWithdraw>) -> Result<()> {
        let fund = &mut ctx.accounts.fund;

        // Check that the funding goal has been reached
        if fund.amount_raised < fund.goal {
            return Err(ErrorCode::GoalNotReached.into());
        }

        // Prevent withdrawing when nothing is tracked as raised
        if fund.amount_raised == 0 {
            return Err(ErrorCode::InsufficientFunds.into());
        }

        let amount = fund.amount_raised;
        fund.amount_raised = 0; // Reset so a second withdraw fails the goal check

        // Move the lamports from the fund account to the creator
        **ctx.accounts.fund.to_account_info().try_borrow_mut_lamports()? =
            ctx.accounts.fund.to_account_info().lamports()
                .checked_sub(amount)
                .ok_or(ProgramError::InsufficientFunds)?;
        **ctx.accounts.creator.to_account_info().try_borrow_mut_lamports()? =
            ctx.accounts.creator.to_account_info().lamports()
                .checked_add(amount)
                .ok_or(ErrorCode::CalculationOverflow)?;

        Ok(())
    }
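As an added worked example (not code from the RustFund program or from this submission), the following plain-Rust model replays the three steps in Vulnerability Details against both the unchecked `withdraw` and the withdraw carrying the goal check recommended above. The `Fund`, `Creator`, `contribute` and `replay_scenario` names, the in-memory lamport bookkeeping and the absence of any Solana runtime are assumptions made for the example; amounts are in lamports (1 SOL = 1,000,000,000 lamports).

```rust
// Added example: an in-memory model of the RustFund withdraw path. It is not the
// project's Anchor program; account state, balances and names are assumptions
// chosen to mirror the recommended fix so the finding can be replayed offline.

pub const LAMPORTS_PER_SOL: u64 = 1_000_000_000;

#[derive(Debug, PartialEq)]
pub enum ErrorCode {
    GoalNotReached,
    InsufficientFunds,
    CalculationOverflow,
}

/// Model of the on-chain fund account: tracked total plus lamports actually held.
#[derive(Debug)]
pub struct Fund {
    pub goal: u64,
    pub amount_raised: u64,
    pub lamports: u64,
}

/// Model of the creator's system account.
#[derive(Debug)]
pub struct Creator {
    pub lamports: u64,
}

impl Fund {
    pub fn new(goal: u64) -> Self {
        Fund { goal, amount_raised: 0, lamports: 0 }
    }

    /// Contribution path: lamports move in and the tracked total is bumped.
    pub fn contribute(&mut self, amount: u64) -> Result<(), ErrorCode> {
        let lamports = self.lamports.checked_add(amount).ok_or(ErrorCode::CalculationOverflow)?;
        let raised = self.amount_raised.checked_add(amount).ok_or(ErrorCode::CalculationOverflow)?;
        self.lamports = lamports;
        self.amount_raised = raised;
        Ok(())
    }
}

/// Moves `amount` from the fund to the creator with checked arithmetic, committing
/// only when both sides succeed (a Solana instruction would revert as a whole).
fn transfer(fund: &mut Fund, creator: &mut Creator, amount: u64) -> Result<(), ErrorCode> {
    let fund_after = fund.lamports.checked_sub(amount).ok_or(ErrorCode::InsufficientFunds)?;
    let creator_after = creator.lamports.checked_add(amount).ok_or(ErrorCode::CalculationOverflow)?;
    fund.lamports = fund_after;
    creator.lamports = creator_after;
    Ok(())
}

/// Vulnerable behaviour as described in the finding: no goal check at all.
pub fn withdraw_vulnerable(fund: &mut Fund, creator: &mut Creator) -> Result<u64, ErrorCode> {
    let amount = fund.amount_raised;
    transfer(fund, creator, amount)?;
    fund.amount_raised = 0;
    Ok(amount)
}

/// Hardened withdraw mirroring the recommended fix: the goal must be reached and
/// the tracked total is reset, so a repeated call fails the goal check.
pub fn withdraw_fixed(fund: &mut Fund, creator: &mut Creator) -> Result<u64, ErrorCode> {
    if fund.amount_raised < fund.goal {
        return Err(ErrorCode::GoalNotReached);
    }
    if fund.amount_raised == 0 {
        return Err(ErrorCode::InsufficientFunds);
    }
    let amount = fund.amount_raised;
    transfer(fund, creator, amount)?;
    fund.amount_raised = 0;
    Ok(amount)
}

/// Replays the finding: goal 1,000 SOL, 10 SOL contributed, immediate withdraw.
/// Returns (result with the vulnerable code, result with the fixed code).
pub fn replay_scenario() -> (Result<u64, ErrorCode>, Result<u64, ErrorCode>) {
    let mut creator_a = Creator { lamports: 0 };
    let mut fund_a = Fund::new(1_000 * LAMPORTS_PER_SOL);
    fund_a.contribute(10 * LAMPORTS_PER_SOL).unwrap();
    let vulnerable = withdraw_vulnerable(&mut fund_a, &mut creator_a);

    let mut creator_b = Creator { lamports: 0 };
    let mut fund_b = Fund::new(1_000 * LAMPORTS_PER_SOL);
    fund_b.contribute(10 * LAMPORTS_PER_SOL).unwrap();
    let fixed = withdraw_fixed(&mut fund_b, &mut creator_b);

    (vulnerable, fixed)
}

fn main() {
    let (vulnerable, fixed) = replay_scenario();
    println!("vulnerable withdraw: {:?}", vulnerable);
    println!("fixed withdraw:      {:?}", fixed);
}
```

With `rustc` or `cargo run`, the vulnerable path returns `Ok(10_000_000_000)` (the creator walks away with 10 SOL against a 1,000 SOL goal) while the hardened path returns `GoalNotReached`. One observation on the recommended fix that the model makes visible: the `amount_raised == 0` branch is only reachable when `goal` is 0, because after a successful withdrawal resets `amount_raised`, any later call already fails the `amount_raised < goal` comparison; the protection against double withdrawal therefore comes from the reset combined with the goal check.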

Updates

Appeal created

bube Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

No goal achievement check in `withdraw` function
