Closed code423n4 closed 3 years ago
@cmichelio
There are several *Verify calls in the caller that lack implementation details. They are removed in the latest Compound code.
*Verify
comptroller.transferVerify(address(this), src, dst, tokens);
comptroller.mintVerify
comptroller.borrowVerify
comptroller.repayBorrowVerify
comptroller.seizeVerify
The calls cost gas but do not do anything.
Remove them.
These functions will be left for future implementations.
Duplicate of https://github.com/code-423n4/2021-04-basedloans-findings/issues/18
Handle
@cmichelio
Vulnerability details
Vulnerability Details
There are several
*Verify
calls in the caller that lack implementation details. They are removed in the latest Compound code.comptroller.transferVerify(address(this), src, dst, tokens);
comptroller.mintVerify
,comptroller.borrowVerify
comptroller.repayBorrowVerify
comptroller.seizeVerify
Impact
The calls cost gas but do not do anything.
Recommended Mitigation Steps
Remove them.