Open code423n4 opened 3 years ago
Whilst the tooling throws a warning that the DAO contract is too large; in practice, it is small enough able to be deployed and not an issue. The contract is quite large; however, it is not over the limit when deploying.
Just confirming that the reason for 'disputed' is because it is not too large to deploy despite the warning being triggered.
Per sponsor comment, invalid I assume compile optimizations save the day.
Handle
jonah1005
Vulnerability details
Impact
Contract code size exceeds 24576 bytes.
It is too large to deploy.
Developers would definitely spot this before deploying to main-net and would not cause any harm to users. However, either deleting some
require
statements or refactor the contract into libraries at the last minute is not ideal. Many severe bugs were caused by "small changes" that seem harmless.Proof of Concept
https://github.com/code-423n4/2021-07-spartan/blob/main/contracts/Dao.sol
Tools Used
hardhat
Recommended Mitigation Steps
Refactor the contract into several components (e.g. Controller, Vault, Vote