DatingDapp

AI First Flight #6

Beginner FriendlyFoundrySolidityNFT

EXP

View results

Previous Next

Submission Details

Impact: high

Likelihood: high

Invalid

Unmonitored receive() Function and Unrestricted msg.value Thresholds Permanently Trap and Freeze Native Ether Inside Contract

bamgboseoluwole83

Root + Impact

Description

Describe the normal behavior in one or more sentences
Explain the specific issue or problem in one or more sentences

// ## Description

* Standard design patterns ensure that protocol contracts only accept or hold capital that is actively tracked via localized state accounting variables.

* The inclusion of an unmonitored native `receive()` function allows incoming ether transfers without validating, tracking, or updating internal ledgers. Consequently, arbitrary transaction margins or direct transfers are trapped inside the contract with no corresponding recovery functions.

## Risk

### Likelihood

- End users manually send native network assets directly to the contract address layout instead of passing calls through explicit function definitions.

- Interacting wallets specify input amounts exceeding the mandatory 1 ETH minimum baseline threshold parameter.

### Impact

- Transacted value is permanently frozen within the runtime environment because no internal functional loops read from or leverage `address(this).balance`.

- Core financial parameters like platform fee totals and matching pools fail to recognize the trapped balance.

---

## Proof of Concept

The test validation demonstrates how native transfers can lock capital. Sending native assets directly through the unmonitored callback loop increases the contract's overall token profile balance without allocating an identifiable recovery claim to the originating wallet address.

```solidity

function test_DirectReceiveTrapsEth() public {

// Alice sends 1 ETH directly to the contract via receive()

vm.deal(alice, 1 ether);

vm.prank(alice);

(bool success, ) = address(likeRegistry).call{value: 1 ether}("");

assertTrue(success);

// Contract balance increases but remains entirely untracked and unrecoverable

assertEq(address(likeRegistry).balance, 1 ether);

assertEq(likeRegistry.userBalances(alice), 0);

}

```

---

## Recommended Mitigation

Restrict payment parameters to exact limits and eliminate open callback definitions that accept loose assets.

```diff

- receive() external payable {}

+ require(msg.value == 1 ether, "Must send exactly 1 ETH");

```

Root cause in the codebase with @> marks to highlight the relevant section

Risk

Likelihood:

Reason 1 // Describe WHEN this will occur (avoid using "if" statements)
Reason 2

Impact:

Impact 1
Impact 2

Proof of Concept

Recommended Mitigation

- remove this code

+ add this code

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge 1 day ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!