search

code-423n4 / 2022-01-trader-joe-findings

2 stars 0 forks source link

Cache internal call result #279

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

Czar102

Vulnerability details

Impact

_atPhase internal function of LaunchEvent may potentially call currentPhase() 4 times, that's unnecessary.

Proof of Concept

    function _atPhase(Phase _phase) internal view {
        if (_phase == Phase.NotStarted) {
            require(
                currentPhase() == Phase.NotStarted,
                "LaunchEvent: not in not started"
            );
        } else if (_phase == Phase.PhaseOne) {
            require(
                currentPhase() == Phase.PhaseOne,
                "LaunchEvent: not in phase one"
            );
        } else if (_phase == Phase.PhaseTwo) {
            require(
                currentPhase() == Phase.PhaseTwo,
                "LaunchEvent: not in phase two"
            );
        } else if (_phase == Phase.PhaseThree) {
            require(
                currentPhase() == Phase.PhaseThree,
                "LaunchEvent: not in phase three"
            );
        } else {
            revert("LaunchEvent: unknown state");
        }
    }

Tools Used

Manual analysis

Recommended Mitigation Steps

Cache the return value of the call.

cryptofish7 commented 2 years ago

Duplicate of #162