Info
Source on GitHub
Smart Contract Address
kQBS8IaEVSpQa31xmm8YrPcPWiu6eEou5Xa21lnAgR0cedrH
Testing and Issues
You can test this entry and submit issues during the testing period of the Blockchain Contest, Stage 2 contest.
Entries with serious issues will not be able to win the contest, but even minor issues might be important for overall results.
Voting
Comments
Smart contract aims to handle group expenses.
For instance you are going for a trip with your friends, all expenses are supposed to be shared between you all.
You (smc owner) initialize a smart contract and record in your friends (add smc members) by adding their address and public keys.
Now, any member can send his expense signed with his own public key to the smc. Once smc owner approves expense, smc recalculates who should pay whom and how much.
Member can ask smc about his own balance (credit/debt).
To pay off a debt member should send certain amount of grams to the smc, it will redirect your payment to the member with the biggest credit and recalculates all members balances.
It is also possible to withdraw member credit manually if smc has enough grams on the balance.
For instance you are going for a trip with your friends, all expenses are supposed to be shared between you all.
You (smc owner) initialize a smart contract and record in your friends (add smc members) by adding their address and public keys.
Now, any member can send his expense signed with his own public key to the smc. Once smc owner approves expense, smc recalculates who should pay whom and how much.
Member can ask smc about his own balance (credit/debt).
To pay off a debt member should send certain amount of grams to the smc, it will redirect your payment to the member with the biggest credit and recalculates all members balances.
It is also possible to withdraw member credit manually if smc has enough grams on the balance.
You have not added any comments yet...
by rating
Issues
We found some issues in your contract.
Critical:
- In withdraw function `msg` can be loaded from input message. `amount` doesn't have to be equal to amount set in `msg`, so funds can be easily stolen by any member.
Minor:
- In approve_expense external message is accepted before valid_until is checked, effectively allowing to drain contract balance if the check fails.
- creditor_lookup is very inefficient and is called for all members.
Critical:
- In withdraw function `msg` can be loaded from input message. `amount` doesn't have to be equal to amount set in `msg`, so funds can be easily stolen by any member.
Minor:
- In approve_expense external message is accepted before valid_until is checked, effectively allowing to drain contract balance if the check fails.
- creditor_lookup is very inefficient and is called for all members.
Nobody added any issues yet...