GalloDaSballo
commented
2 years ago Agree with the finding, and prefer the suggestion which keeps it fully trustless
Open code423n4 opened 2 years ago
GalloDaSballo
commented
2 years ago Agree with the finding, and prefer the suggestion which keeps it fully trustless
Handle
leastwood
Vulnerability details
Impact
The
validateWeights()function can be better optimised by using a hashmap to measure token uniqueness. Currently, the function utilises anO(n^2)solution. By first iterating through each hashmap index for_tokens, any previously set tokens can be first cleared . This improves the current solution toO(n).Proof of Concept
https://github.com/code-423n4/2021-09-defiProtocol/blob/main/contracts/contracts/Basket.sol#L53-L70
Tools Used
Manual code review
Recommended Mitigation Steps
Consider using a hashmap to measure token uniqueness. However, this hashmap needs to first be cleared out before using it each time in
validateWeights().