Challenge #18tx.origin Misuse

Difficulty: High
#Security#AccessControl
This contract uses tx.origin for access control, which is insecure.
Illustration for tx.origin Misuse

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract StorageBug {
struct User {
uint256 balance;
bool isActive;
}
}
mapping (address => User) public users;
function activateUser() public {
}
User memory u = users [msg.sender]; U.isActive = true;
function deposit() public payable { users [msg.sender]. balance += msg.value;
}
💡 Hint: tx.origin can be manipulated. Prefer msg.sender.