Beatland Festival
First Flight #44
Beginner FriendlyFoundrySolidityNFT
100 EXP
View results
Previous Next
Submission Details
Impact: medium
Likelihood: medium
Invalid

No Way to Refund Mistaken Purchases (Business Design Issue)

ishwar

Description + Impact

  • The FestivalPass contract does not offer any mechanism for users to refund mistaken pass purchases or memorabilia redemptions.

  • All transactions are final, placing the burden on the organizer to resolve disputes off-chain.

function buyPass(uint256 collectionId) external payable {
// No refund logic present //@>
}
function redeemMemorabilia(uint256 collectionId) external {
// No refund logic present //@>
}

Risk

Likelihood:

  • Occurs whenever users make unintentional purchases or redemptions.

  • User mistakes are common in large events or under stress.

Impact:

  • User dissatisfaction and support disputes.

  • Reputation damage for the festival if mistakes cannot be rectified easily.

Proof of Concept

// User accidentally buys VIP_PASS when intending to buy GENERAL_PASS
buyPass(VIP_PASS); // No way to undo or refund this purchase

Recommended Mitigation

- function buyPass(uint256 collectionId) external payable {
+ function buyPass(uint256 collectionId) external payable {
+ // Add a grace period or undo logic to allow refunds
}

  • Design and implement an on-chain refund or undo mechanism, or provide clear and automated off-chain refund policies.

Updates

Lead Judging Commences

inallhonesty Lead Judge about 2 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

ishwar Submitter
about 2 months ago
inallhonesty Lead Judge
about 2 months ago
ishwar Submitter
about 2 months ago
inallhonesty Lead Judge about 1 month ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.