Raisebox Faucet
First Flight #50
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Impact: low
Likelihood: low
Invalid

Incorrect SPDX License Identifier Spelling

yxsec

Root + Impact

Description

  • The SPDX license identifier should be formatted as SPDX-License-Identifier according to the official specification to properly identify the contract's license.

  • Both contracts contain a misspelled SPDX identifier using Lincense instead of License, which may cause license recognition failures in blockchain explorers, build tools, and documentation generators.

// @> // SPDX-Lincense-Identifier: MIT // Line 1 in both files
pragma solidity ^0.8.30;

Risk

Likelihood:

  • This issue exists in 100% of the contract files from deployment

  • Build tools and blockchain explorers will fail to recognize the license on every deployment

  • Documentation generators will not properly attribute the license

Impact:

  • Legal compliance issues - the license cannot be properly identified

  • Blockchain explorers (Etherscan, etc.) will not display the correct license

  • Automated tools may reject or flag the contract

  • Professional audits and security tools may report warnings

Proof of Concept

// Current state in RaiseBoxFaucet.sol:1 and DeployRaiseBoxFaucet.s.sol:1
// SPDX-Lincense-Identifier: MIT
pragma solidity ^0.8.30;
// When deployed, tools will not recognize this as a valid SPDX identifier

Recommended Mitigation

- // SPDX-Lincense-Identifier: MIT
+ // SPDX-License-Identifier: MIT
Updates

Lead Judging Commences

inallhonesty Lead Judge 11 days ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.