Event emits caller instead of recipient breaking the audit trail
Root + Impact
Description
Line 111 emits the wrong address in the Claimed event:
The event records WHO SUBMITTED THE TRANSACTION, not WHO RECEIVED THE MONEY.
Real-world example:
-
Bob (bounty hunter) finds treasure and gets ZK proof
-
Proof is bound to Alice (his friend who physically found the treasure)
-
Bob submits the claim transaction
-
Alice receives 10 ETH
Current broken behavior:
-
Event emits:
Claimed(treasureHash, bob) -
Off-chain system records: "Bob claimed treasureHash and received 10 ETH"
Reality:
-
Bob never received anything
-
Alice received 10 ETH
-
Event is completely wrong
Risk
Likelihood:
-
Occurs on every
claim()call wheremsg.sender != recipient -
This is a supported use case — the function accepts a separate recipient parameter
Impact:
-
Off-chain indexing shows wrong recipient data
-
Subgraphs and APIs return incorrect information
-
Audit trails and legal/compliance records are false
-
Forensic analysis is unreliable
-
Cannot verify who actually got paid from event logs alone
Proof of Concept
This test proves the event emits the caller instead of the recipient.
When msg.sender and recipient are different addresses, the emitted
event records the caller — not the address that actually received the 10 ETH.
Recommended Mitigation
The fix is a single one-word change on line 111. Replace msg.sender
with recipient so the event records the address that actually received
the reward, not the address that submitted the transaction.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.
Rewards Distribution
The contest is complete and the rewards are being distributed.