0ximmeas
commented
1 week ago same as https://github.com/CDSecurity/Blessed-Immeas/issues/7 my reasoning why medium is that it could be used to lock sellers proceeds in the contract.
Open minhquanym opened 2 weeks ago
0ximmeas
commented
1 week ago same as https://github.com/CDSecurity/Blessed-Immeas/issues/7 my reasoning why medium is that it could be used to lock sellers proceeds in the contract.
[L-02] The same address could exist multiple times in
winnerAddresses[]Severity
Impact: Low
Likelihood: Low
Description
The
winnerAddresses[]list stores all winner addresses. However, the same address can be added to this list more than once. In theLotteryV2Basecontract, users can roll a new random number even after claiming the winning number. If this new random number is a winning number, users can callclaimNumber()to add their addresses to thewinnerAddresses[]list again.Recommendations
Consider preventing the same address from being added to the
winnerAddresses[]list multiple times inLotteryV2Base.