Open code423n4 opened 2 years ago
The sponsor has mitigated, I would go either way as require messages do increase bytecode
Something to look into are brownie revert dev
comments
That said the sponsor has implemented the suggestion so the finding is valid
Handle
JMukesh
Vulnerability details
Impact
require message give the idea what was the cause of failure , so its the best practise to add message in require()
Proof of Concept
https://github.com/code-423n4/2021-10-ambire/blob/bc01af4df3f70d1629c4e22a72c19e6a814db70d/contracts/wallet/Zapper.sol#L218
Tools Used
manual reveiw
Recommended Mitigation Steps
add message in require()