3.7 Improved NameRenewed Event Generation in RegistrarController
ID: PVE-007
Severity: Low
Likelihood: Low
Impact: Low
Target: RegistrarController
Category: Coding Practices []
CWE subcategory: CWE-1041 []
Description
In Ethereum, the event is an indispensable part of a contract and is mainly used to record a variety of runtime dynamics. In particular, when an event is emitted, it stores the arguments passed in transaction logs and these logs are made accessible to external analytics and reporting tools. Events can be emitted in a number of scenarios. One particular case is when system-wide parameters or settings are being changed. Another case is when tokens are being minted, transferred, or burned.
In the following, we use the UserRegistrarControllerWallet contract as an example. This contract has public functions that are used to renew names at fixed cost. While examining the events that reflect the renew operation, we notice the emitted important event NameRenewed needs to reflect important state changes. Specifically, when the event should reflect the actual cost price, not the msg.value amount (line 230).
Recommendation
Properly emit the respective event when a name is renewed. The issue has been fixed by this commit: f84caf4.
Last updated