Closed code423n4 closed 2 years ago
defsec
_beforeTokenTransfer() and _afterTokenTransfer() Both Functions Do Nothing But was used in _burn(), _mint(), _transfer() etc. This will waste gas.
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L351
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L371
None
Remove _beforeTokenTransfer() and _afterTokenTransfer().
Remove Both within Functions that use them like _burn(), _mint(), _transfer() etc.
This contract tends to be inherited by Pool/Index/CDSTemplates as a LP token. _beforeTokenTransfer() is overridden in the templates, and _afterTokenTransfer might be done so in the future.
closing as invalid.
Handle
defsec
Vulnerability details
Impact
_beforeTokenTransfer() and _afterTokenTransfer() Both Functions Do Nothing But was used in _burn(), _mint(), _transfer() etc. This will waste gas.
Proof of Concept
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L351
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L371
Tools Used
None
Recommended Mitigation Steps
Remove _beforeTokenTransfer() and _afterTokenTransfer().
Remove Both within Functions that use them like _burn(), _mint(), _transfer() etc.