search

code-423n4 / 2022-01-openleverage-findings

0 stars 0 forks source link

cheaper to change require to toSend #235

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

Fitraldys

Vulnerability details

Impact

in line https://github.com/code-423n4/2022-01-openleverage/blob/main/openleverage-contracts/contracts/XOLE.sol#L61 is cheaper to change require and move uint toSend to above line require.

Proof of Concept

https://github.com/code-423n4/2022-01-openleverage/blob/main/openleverage-contracts/contracts/XOLE.sol#L61

function aku() public {

        require(msg.sender == dev, "Dev only");
        require(devFund != 0, "No fund to withdraw");
        uint toSend = devFund;
        devFund = 0;
    }
//23706 gas

to :

function aku() public {

        require(msg.sender == dev, "Dev only");
        uint toSend = devFund;
        require(toSend != 0, "No fund to withdraw");
        devFund = 0;
    }
//23606 gas
ColaM12 commented 2 years ago

Duplicate to #137