code-423n4 / 2021-09-defiprotocol-findings

1 stars 0 forks source link

`Auction.sol#initialize()` Use msg.sender rather than factory_ parameter can save gas #137

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

WatchPug

Vulnerability details

https://github.com/code-423n4/2021-09-defiProtocol/blob/main/contracts/contracts/Auction.sol#L47-L52

Auction.sol#initialize() is using the factory_ parameter as the value of factory, while Basket.sol#initialize() uses msg.sender.

https://github.com/code-423n4/2021-09-defiProtocol/blob/main/contracts/contracts/Basket.sol#L39

Consider changing to msg.sender and remove the factory_ parameter for the purpose of consistency and gas saving.

GalloDaSballo commented 2 years ago

Finding is valid, savings are minor