Open code423n4 opened 2 years ago
0xRajeev
For all functions taking user input of amount, requiring amount > 0 at the beginning of the function will save gas from avoiding execution of further logic for accidentally triggered zero amount transactions. This is a best-practice.
https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/LendingPair.sol#L138
https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/LendingPair.sol#L154
https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/LendingPair.sol#L162
and many others.
Manual Analysis
Add require (_amount > 0) at the beginning of the functions that accept _amount as parameter.
Handle
0xRajeev
Vulnerability details
Impact
For all functions taking user input of amount, requiring amount > 0 at the beginning of the function will save gas from avoiding execution of further logic for accidentally triggered zero amount transactions. This is a best-practice.
Proof of Concept
https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/LendingPair.sol#L138
https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/LendingPair.sol#L154
https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/LendingPair.sol#L162
and many others.
Tools Used
Manual Analysis
Recommended Mitigation Steps
Add require (_amount > 0) at the beginning of the functions that accept _amount as parameter.