MattGibney
commented
2 months ago This is ready for review now. I've opted to not worry about the race condition of a deposit coming in at the same time as an attack. The requests take less than 10ms on the server to process. While it's possible that it someone could attempt to exploit it with a script, I don't think it's a real concern right now. Plus, the correct way to handle that scenario is to use transactions anyway.
I accidentally marked this as ready for review earlier. @fpopa Thanks for the feedback. You're 100% correct about it all