Handle

0xRajeev

Vulnerability details

Impact

While there doesn't appear to be a need to clear the auctionBonder address, a better way of indicating the intent is to use delete. This may also save gas based on compiler optimizations.

Proof of Concept

https://github.com/code-423n4/2021-09-defiProtocol/blob/52b74824c42acbcd64248f68c40128fe3a82caf6/contracts/contracts/Auction.sol#L123

Tools Used

Manual Analysis

Recommended Mitigation Steps

Use delete to clear state variables by explicitly indicating intent and also saving gas.

code-423n4 / 2021-09-defiprotocol-findings

Using delete to clear variables instead of zero assignment  #149

Handle

Vulnerability details

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

code-423n4 / 2021-09-defiprotocol-findings

Using delete to clear variables instead of zero assignment #149

Handle

Vulnerability details

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

Using delete to clear variables instead of zero assignment  #149