code-423n4 / 2021-12-defiprotocol-findings

`mintTo` has not an extra require statement #142

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

0x0x0x

Vulnerability details

basket.sol#mintTo is as follows:


```solidity
function mintTo(uint256 amount, address to) public nonReentrant override {
    require(auction.auctionOngoing() == false);
    require(amount > 0);
    uint256 startSupply = totalSupply();
    require(startSupply + amount <= maxSupply);

    handleFees(startSupply);

    pullUnderlying(amount, msg.sender);

    _mint(to, amount);

    require(totalSupply() <= maxSupply);

    emit Minted(to, amount);
}
```

To check whether maxSupply is exceeded, first the following statement is used:

```solidity
require(startSupply + amount <= maxSupply);
```

At the end of the function, it is checked once again:

```solidity
require(totalSupply() <= maxSupply);
```

Since the second requirement already checks whether the maximum supply is exceeded, the first one is not required and consumes extra gas.

0xleastwood commented 2 years ago

I agree, the first require statement is redundant.