search

VIS-2 / taobank-04-24

0 stars 0 forks source link

Missing `contributorDeposit` check in `StabilityPool::redeemReward()` #24

Open 0xMilenov opened 4 months ago

0xMilenov commented 4 months ago

Context

StabilityPool::redeemReward()

Recommendation

Add this check in order to fail early and return unused gas to the user.

function redeemReward() external {
    Snapshots memory snapshots = depositSnapshots[msg.sender];
    uint256 contributorDeposit = deposits[msg.sender];
+   require(contributorDeposit > 0, "deposit-is-0");

    uint256 compoundedDeposit = _getCompoundedDepositFromSnapshots(
        contributorDeposit,
        snapshots
    );
    _redeemReward();
    _updateDepositAndSnapshots(msg.sender, compoundedDeposit);
}