Open Viktor-Andreev4 opened 1 month ago
This is an issue from the incorrect initial version of the CTF(technical error on my side) . I decided those would also get awarded, since it's fair to do so.
Your submission is valid and you're the first one to submit it, so you'll get a reward
Bug in deposit() function
Description of bug:
In the deposit() function, if a user deposits multiple times, only the first deposit is correctly recorded. Subsequent deposits are not properly accumulated, resulting in only the first deposit being withdrawable. This oversight causes issues when users attempt to withdraw their additional deposits, leading to reversion errors and locked funds.
Impact
Due to this bug, users who make multiple deposits will experience issues withdrawing their funds beyond the initial deposit. The failure to properly accumulate the deposit values causes the contract to lock the additional funds, making them inaccessible and resulting in a poor user experience.
Solution
To resolve this issue, modify the deposit handling logic from
deposits[msg.sender] = msg.value
todeposits[msg.sender] += msg.value
. This adjustment ensures that each new deposit is added to the existing balance, allowing users to withdraw their total deposited amount accurately.