Beatland Festival
First Flight #44
Beginner FriendlyFoundrySolidityNFT
100 EXP
View results
Previous Next
Submission Details
Impact: medium
Likelihood: medium
Invalid

No Way to Refund Mistaken Purchases (Business Design Issue)

ishwar

Description + Impact

  • The FestivalPass contract does not offer any mechanism for users to refund mistaken pass purchases or memorabilia redemptions.

  • All transactions are final, placing the burden on the organizer to resolve disputes off-chain.

function buyPass(uint256 collectionId) external payable {
// No refund logic present //@>
}
function redeemMemorabilia(uint256 collectionId) external {
// No refund logic present //@>
}

Risk

Likelihood:

  • Occurs whenever users make unintentional purchases or redemptions.

  • User mistakes are common in large events or under stress.

Impact:

  • User dissatisfaction and support disputes.

  • Reputation damage for the festival if mistakes cannot be rectified easily.

Proof of Concept

// User accidentally buys VIP_PASS when intending to buy GENERAL_PASS
buyPass(VIP_PASS); // No way to undo or refund this purchase

Recommended Mitigation

- function buyPass(uint256 collectionId) external payable {
+ function buyPass(uint256 collectionId) external payable {
+ // Add a grace period or undo logic to allow refunds
}

  • Design and implement an on-chain refund or undo mechanism, or provide clear and automated off-chain refund policies.

Updates

Lead Judging Commences

inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

ishwar Submitter
10 months ago
inallhonesty Lead Judge
10 months ago
ishwar Submitter
10 months ago
inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!