code423n4 commented 2 years ago

Handle

Jujic

Vulnerability details

Impact

Shortening revert strings to fit in 32 bytes will decrease deployment time gas and will decrease runtime gas when the revert condition has been met.

Proof of Concept

function _onlyUSDV() private view {
        require(
            address(usdv) == msg.sender,
            "Vader::_onlyUSDV: Insufficient Privileges"
        );
 }

https://github.com/code-423n4/2021-12-vader/blob/00ed84015d4116da2f9db0c68db6742c89e73f65/contracts/tokens/Vader.sol#L225

Tools Used

Remix

Recommended Mitigation Steps

Shorten the revert strings to fit in 32 bytes.

0xstormtrooper commented 2 years ago

Vader is already live

jack-the-pug commented 2 years ago

Dup #188

code-423n4 / 2021-12-vader-findings