Open code423n4 opened 2 years ago
gzeon
require(to != beneficiary, 'same address') on OLETokenLock.sol L59 is redundant since it is impossible to have releaseVars[x].amount > 0 and releaseVars[x].amount == 0 at the same time.
require(to != beneficiary, 'same address')
https://github.com/code-423n4/2022-01-openleverage/blob/501e8f5c7ebaf1242572712626a77a3d65bdd3ad/openleverage-contracts/contracts/OLETokenLock.sol#L59
require(releaseVars[beneficiary].amount > 0, 'beneficiary does not exist'); require(releaseVars[to].amount == 0, 'to is exist'); require(to != beneficiary, 'same address');
Handle
gzeon
Vulnerability details
Impact
require(to != beneficiary, 'same address')
on OLETokenLock.sol L59 is redundant since it is impossible to have releaseVars[x].amount > 0 and releaseVars[x].amount == 0 at the same time.Proof of Concept
https://github.com/code-423n4/2022-01-openleverage/blob/501e8f5c7ebaf1242572712626a77a3d65bdd3ad/openleverage-contracts/contracts/OLETokenLock.sol#L59