search

code-423n4 / 2021-12-vader-findings

0 stars 0 forks source link

bytes calldata argument is not used in swap() function #63

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

jayjonah8

Vulnerability details

Impact

In BasePool.sol the swap() function has an unnamed bytes calldata argument that is not used or needed. This may be done to give the two swap() functions different function signatures. Consider removing the bytes calldata arg and changing the second swap() functions name to _swap(). This will reduce confusion and code.

Proof of Concept

https://github.com/code-423n4/2021-12-vader/blob/main/contracts/dex/pool/BasePool.sol#L264

https://github.com/code-423n4/2021-12-vader/blob/main/contracts/dex/pool/BasePool.sol#L288

Tools Used

Manual code review

jack-the-pug commented 2 years ago

No significant impact. I'll downgrade to non.

jack-the-pug commented 2 years ago

Dup of #35