Hawk High
First Flight #39
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Impact: medium
Likelihood: high
Invalid

Unauthorized Teachers' Wage Increase When Upgrading to Level Two Smart Contract

lexanhacker

The Teachers are getting 35% of the bursary as their wage in Level One , but in level two , their wage is incresed to 40% of the bursary in the Smart Contract which leads to Wastage or Draining of Funds ...

uint256 public constant TEACHER_WAGE = 35; // 35%
uint256 public constant PRINCIPAL_WAGE = 5; // 5%

Which are the variables defining the Teachers Wage in the Level One Smart Contract

uint256 public constant TEACHER_WAGE_L2 = 40;
uint256 public constant PRINCIPAL_WAGE_L2 = 5;

Which are Variables defining the Teachers Wage in the Level Two Smart Contract and as it can be seen that they are inconsistent and the additional 5% may lead to draining of funds in the Smart Contract

  • The contest instructions do not mention any wage increase after upgrading to LevelTwo.

  • The principal could arbitrarily upgrade to LevelTwo, increasing teacher wages from 35% to 40%, reducing the remaining bursary (which should stay at 60%).

Impact are Teachers get an extra 5% (40% instead of 35%), meaning only 55% remains (instead of 60%).

Tools Used are Visual Studio Code

Recommendations are Removing TEACHER_WAGE_L2 in LevelTwo and keep it at 35% (same as LevelOne).

This ensures the 60% bursary rule is maintained and the funds are not lost due to upgrading the Smart Contract


Updates

Lead Judging Commences

yeahchibyke Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.