1. you cannot stop someone from sending ERC20 tokens to proxy address.
2. sponsor can be anyone is by design
The vulnerability intended in the report seems to be not about the organizer's ability to fund a contest but the ability of a sponsor ( here the term as used by the reportee seems to mean the main entity behind the project ) to be the organizer and act maliciously. This would be then similiar to M-03 which was decided by the team to not be considered now.
Issue Details
L-07 : Centralization Risk for trusted organizers
Issue Link : https://www.codehawks.com/report/cllcnja1h0001lc08z7w0orxx#L-07
Review
Acknowledged not fixed.
The rationale for not choosing to fix provided is: (https://github.com/codefox-inc/sparkn-contracts/issues/28)
The vulnerability intended in the report seems to be not about the organizer's ability to fund a contest but the ability of a sponsor ( here the term as used by the reportee seems to mean the main entity behind the project ) to be the organizer and act maliciously. This would be then similiar to M-03 which was decided by the team to not be considered now.