Open code423n4 opened 2 years ago
0xRajeev
While there doesn't appear to be a need to clear the auctionBonder address, a better way of indicating the intent is to use delete. This may also save gas based on compiler optimizations.
https://github.com/code-423n4/2021-09-defiProtocol/blob/52b74824c42acbcd64248f68c40128fe3a82caf6/contracts/contracts/Auction.sol#L123
Manual Analysis
Use delete to clear state variables by explicitly indicating intent and also saving gas.
Agree with finding, this does not save gas, changing to non-critical
Handle
0xRajeev
Vulnerability details
Impact
While there doesn't appear to be a need to clear the auctionBonder address, a better way of indicating the intent is to use delete. This may also save gas based on compiler optimizations.
Proof of Concept
https://github.com/code-423n4/2021-09-defiProtocol/blob/52b74824c42acbcd64248f68c40128fe3a82caf6/contracts/contracts/Auction.sol#L123
Tools Used
Manual Analysis
Recommended Mitigation Steps
Use delete to clear state variables by explicitly indicating intent and also saving gas.