r2moon
commented
3 years ago duplicated with https://github.com/code-423n4/2021-10-mochi-findings/issues/84
Closed code423n4 closed 3 years ago
r2moon
commented
3 years ago duplicated with https://github.com/code-423n4/2021-10-mochi-findings/issues/84
Handle
leastwood
Vulnerability details
Impact
There are a number of functions in
MochiEngine.solwhich don't emit events upon updating the contract's state variables. As a result, these changes can't be monitored by off-chain scripts or reflected in Mochi's frontend.Proof of Concept
https://github.com/code-423n4/2021-10-mochi/blob/main/projects/mochi-core/contracts/MochiEngine.sol
Potentially in other contracts too.
Tools Used
Manual code review
Recommended Mitigation Steps
Consider emitting an event for all state changing functions.