The set_deadline function (lines 55-63) checks fund.dealine_set on line 57 to prevent the deadline from being changed. However, the function never sets fund.dealine_set = true after setting the deadline.
    pub fn set_deadline(ctx: Context
        let fund = &mut ctx.accounts.fund;
        if fund.dealine_set {
            return Err(ErrorCode::DeadlineAlreadySet.into());
        }
        fund.deadline = deadline;
        // Missing: fund.dealine_set = true;
        Ok(())
    }
Since dealine_set starts as false (line 20) and is never changed to true, the creator can call set_deadline an unlimited number of times. This allows a malicious creator to:
1. Set a short deadline to attract contributors
2. As the deadline approaches and the goal isn't met, extend the deadline
3. Repeat indefinitely, preventing contributors from ever getting refunds
4. Wait until enough contributions accumulate, then withdraw (since withdraw has no checks)

1. Creator creates fund, sets deadline to 7 days
2. Contributors contribute SOL expecting a 7-day campaign
3. On day 6, creator calls set_deadline with 30 days, which succeeds because dealine_set is still false
4. Contributors cannot refund because the new deadline hasn't passed
5. Creator extends deadline again on day 29
6. This cycle can continue forever

Add the missing flag update:
    fund.deadline = deadline;
    fund.dealine_set = true;
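
A regression check for this fix, written as an added example and not taken from the contest code base: a plain-Rust model (no Anchor dependency) that replays the 7-day then 30-day timeline against the guard with and without the flag update. The `Fund` field types, the `u64` timestamp, and the `replay`, `set_deadline_vulnerable` and `set_deadline_fixed` names are assumptions made for illustration.

```rust
// Plain-Rust model of the fund account; field types are assumptions.
#[derive(Debug, Default)]
pub struct Fund {
    pub deadline: u64,     // timestamp in seconds, assumed u64
    pub dealine_set: bool, // spelling follows the contract's field name
}

#[derive(Debug, PartialEq)]
pub enum ErrorCode {
    DeadlineAlreadySet,
}

// Behaviour described in the finding: the guard is read but never written.
pub fn set_deadline_vulnerable(fund: &mut Fund, deadline: u64) -> Result<(), ErrorCode> {
    if fund.dealine_set {
        return Err(ErrorCode::DeadlineAlreadySet);
    }
    fund.deadline = deadline;
    Ok(())
}

// Fixed version: the flag is latched in the same call that stores the deadline.
pub fn set_deadline_fixed(fund: &mut Fund, deadline: u64) -> Result<(), ErrorCode> {
    if fund.dealine_set {
        return Err(ErrorCode::DeadlineAlreadySet);
    }
    fund.deadline = deadline;
    fund.dealine_set = true;
    Ok(())
}

const DAY: u64 = 86_400;

// Replays the timeline above (7 days, then 30 days requested on day 6) and
// returns the deadline in effect afterwards plus the result of the second call.
pub fn replay(set: fn(&mut Fund, u64) -> Result<(), ErrorCode>) -> (u64, Result<(), ErrorCode>) {
    let mut fund = Fund::default();
    set(&mut fund, 7 * DAY).expect("first call must succeed");
    let second = set(&mut fund, 30 * DAY);
    (fund.deadline, second)
}

fn main() {
    println!("vulnerable: {:?}", replay(set_deadline_vulnerable));
    println!("fixed:      {:?}", replay(set_deadline_fixed));
}
```

The same two-call sequence, asserted against the real instruction in the program's integration tests, keeps the guard from silently regressing.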