Open code423n4 opened 2 years ago
cmichel
The minimumAmountReceived check in Swap.swapByQuote is implemented like this:
minimumAmountReceived
Swap.swapByQuote
require( ( !signifiesETHOrZero(zrxBuyTokenAddress) && boughtERC20Amount >= minimumAmountReceived ) || ( signifiesETHOrZero(zrxBuyTokenAddress) && boughtETHAmount >= minimumAmountReceived ), "Swap::swapByQuote: Minimum swap proceeds requirement not met" );
It can be simplified to this which performs less calls to signifiesETHOrZero and less logical operators:
signifiesETHOrZero
require( (signifiesETHOrZero(zrxBuyTokenAddress) ? boughtETHAmount : boughtERC20Amount) >= minimumAmountReceived, "...");
And has the benefit of being clearer! Great find!
Handle
cmichel
Vulnerability details
The
minimumAmountReceived
check inSwap.swapByQuote
is implemented like this:It can be simplified to this which performs less calls to
signifiesETHOrZero
and less logical operators: