Closed code423n4 closed 2 years ago
Disagree with the finding, a missing revert message is not necessary, additionally using //dev comments allows to get the same result when debugging
Lastly, when running a stacktrace you can always track back to the revert condition, the message is not useful for devs, it's higher gas cost and most of the time the end user doesn't care / is shown something else anyway
Agree with sponsor, it makes sense to not add revert messages for functions that only callable for restricted accounts.
Handle
WatchPug
Vulnerability details
https://github.com/Badger-Finance/badger-ibbtc-utility-zaps/blob/a5c71b72222d84b6414ca0339ed1761dc79fe56e/contracts/SettToRenIbbtcZap.sol#L167-L171
https://github.com/Badger-Finance/badger-ibbtc-utility-zaps/blob/a5c71b72222d84b6414ca0339ed1761dc79fe56e/contracts/SettToRenIbbtcZap.sol#L189-L193
https://github.com/Badger-Finance/badger-ibbtc-utility-zaps/blob/6f700995129182fec81b772f97abab9977b46026/contracts/IbbtcVaultZap.sol#L54-L55