Submission Details
Severity:
Fund Amount Raised Not Updated After Refund in RustFund Contract
Summary
The refund function does not decrease fund.amount_raised after refunding, leading to an inflated value that misrepresents available funds.
Vulnerability Details
The vulnerable code is in the refund function:
rust
pub fn refund(ctx: Context<FundRefund>) -> Result<()> {
// Refund logic...
ctx.accounts.contribution.amount = 0;
Ok(())
}
No Update: fund.amount_raised remains unchanged after transferring funds back.
Accounting Error: Subsequent withdrawals use the outdated amount_raised.
Impact
Funds Misallocation: Creators can withdraw more than the actual remaining funds.
Integrity Violation: Breaks financial transparency.
Tools Used
Manual Review
Recommendations
Update amount_raised:
rust
pub fn refund(ctx: Context<FundRefund>) -> Result<()> {
let fund = &mut ctx.accounts.fund;
let amount = ctx.accounts.contribution.amount;
// Deadline check...
// Refund logic...
fund.amount_raised = fund.amount_raised.checked_sub(amount).ok_or(ErrorCode::CalculationOverflow)?;
ctx.accounts.contribution.amount = 0;
Ok(())
}
Updates
Appeal created
bube 2 months ago
Submission Judgement Published Assigned finding tags:
`amount_raised` not updated in `refund` function
Rewards breakdown
nSLOC
170This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.