Submission Details
Impact:
Likelihood:
[H-02] Creator can withdraw funds anytime regardless of goal or deadline
Root + Impact
Description
-
withdraw function is missing checking condition. creator is enable to rug bool when deadline or goal is not reached
pub fn withdraw(ctx: Context<FundWithdraw>) -> Result<()> {
@> let amount = ctx.accounts.fund.amount_raised;
}
Risk
Likelihood: High
-
It's not technical bug, it's depend on Creator. In decentralized systems, the missing of technical condition to prevent rug pull is a chance to scam
Impact:
-
Trust isusse of contributer
-
High risk logical busisness
Proof of Concept
pub fn withdraw(ctx: Context<FundWithdraw>) -> Result<()> {
let amount = ctx.accounts.fund.amount_raised;
**ctx.accounts.fund.to_account_info().try_borrow_mut_lamports()? =
ctx.accounts.fund.to_account_info().lamports()
.checked_sub(amount)
.ok_or(ProgramError::InsufficientFunds)?;
**ctx.accounts.creator.to_account_info().try_borrow_mut_lamports()? =
ctx.accounts.creator.to_account_info().lamports()
.checked_add(amount)
.ok_or(ErrorCode::CalculationOverflow)?;
Ok(())
}
Recommended Mitigation
pub fn withdraw(ctx: Context<FundWithdraw>) -> Result<()> {
let fund = &ctx.accounts.fund;
let current_time = Clock::get()?.unix_timestamp as u64;
+ add this code
require!(fund.amount_raised >= fund.goal, ErrorCode::GoalNotReached);
require!(current_time >= fund.deadline, ErrorCode::DeadlineNotReached);
// ...
}
Rewards breakdown
This contest has a flat reward structure with the following payouts:
Live
The contest is live. Earn rewards by submitting a finding.
Judging
Submissions are being reviewed by our AI judge. Results will be available in a few minutes.
View all submissionsRewards Distribution
The contest is complete and the rewards are being distributed.