Hawk High
First Flight #39
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Impact: medium
Likelihood: high
Invalid

Unauthorized Teachers' Wage Increase When Upgrading to Level Two Smart Contract

lexanhacker

The Teachers are getting 35% of the bursary as their wage in Level One , but in level two , their wage is incresed to 40% of the bursary in the Smart Contract which leads to Wastage or Draining of Funds ...

uint256 public constant TEACHER_WAGE = 35; // 35%
uint256 public constant PRINCIPAL_WAGE = 5; // 5%

Which are the variables defining the Teachers Wage in the Level One Smart Contract

uint256 public constant TEACHER_WAGE_L2 = 40;
uint256 public constant PRINCIPAL_WAGE_L2 = 5;

Which are Variables defining the Teachers Wage in the Level Two Smart Contract and as it can be seen that they are inconsistent and the additional 5% may lead to draining of funds in the Smart Contract

  • The contest instructions do not mention any wage increase after upgrading to LevelTwo.

  • The principal could arbitrarily upgrade to LevelTwo, increasing teacher wages from 35% to 40%, reducing the remaining bursary (which should stay at 60%).

Impact are Teachers get an extra 5% (40% instead of 35%), meaning only 55% remains (instead of 60%).

Tools Used are Visual Studio Code

Recommendations are Removing TEACHER_WAGE_L2 in LevelTwo and keep it at 35% (same as LevelOne).

This ensures the 60% bursary rule is maintained and the funds are not lost due to upgrading the Smart Contract


Updates

Lead Judging Commences

yeahchibyke Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!