code-423n4 / 2022-02-concur-findings


Shelter donations result in wrong internal balance if fee-on-transfer token is used #270

Closed CloudEllie closed 2 years ago

CloudEllie commented 2 years ago

Judge @GalloDaSballo has assessed the 2nd Low-severity item in QA Report #66 as Medium risk. The relevant finding follows:

In case of a fee-on-transfer ERC20 token the savedTokens balance will not represent the actual balance of the contract:

You can either disable the use of fee-on-transfer tokens for donations or use the actual balance:

```solidity
// disable
uint oldBalance = _token.balanceOf(address(this));
_token.safeTransferFrom(msg.sender, address(this), _amount);
uint newBalance = _token.balanceOf(address(this));
require(_amount == (newBalance - oldBalance));
savedTokens[_token] += _amount;
```

```solidity
// use actual balance
_token.safeTransferFrom(msg.sender, address(this), _amount);
savedTokens[_token] = _token.balanceOf(address(this));
```
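The following is an added, self-contained illustration of the accounting problem and both mitigations; it is not the Concur project's code nor part of the finding. `Vault`, `MockFeeToken`, the `donate*` functions and the 1% fee are assumed names and constructed values. `MockFeeToken` burns a fee on every `transferFrom`, so the vault receives less than the caller-supplied amount; `donateUnsafe` reproduces the drift described above, `donateStrict` is the "disable" fix, and `donateActual` is a delta-based variant of the "use actual balance" fix that credits only what actually arrived rather than overwriting `savedTokens` with the whole contract balance (which would also absorb tokens sent directly to the contract).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.8;

/// Minimal ERC20 surface needed for this example (assumed, not the project's interface).
interface IERC20 {
    function balanceOf(address) external view returns (uint256);
    function transferFrom(address, address, uint256) external returns (bool);
}

/// Constructed fee-on-transfer token: 1% of every transfer is burned, so the
/// recipient receives only 99% of the requested amount.
contract MockFeeToken is IERC20 {
    uint256 public constant FEE_BPS = 100; // 1%, constructed value
    mapping(address => uint256) public override balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    constructor() {
        balanceOf[msg.sender] = 1_000_000e18; // constructed initial supply
    }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external override returns (bool) {
        allowance[from][msg.sender] -= amount; // checked arithmetic reverts on underflow
        balanceOf[from] -= amount;
        uint256 fee = (amount * FEE_BPS) / 10_000;
        balanceOf[to] += amount - fee; // the fee is burned
        return true;
    }
}

/// Donation vault (assumed name) with three accounting strategies side by side.
contract Vault {
    mapping(IERC20 => uint256) public savedTokens;

    /// Pulls `amount` from the caller and returns the delta the vault actually received.
    function _pull(IERC20 token, uint256 amount) internal returns (uint256 received) {
        uint256 before = token.balanceOf(address(this));
        require(token.transferFrom(msg.sender, address(this), amount), "transferFrom failed");
        received = token.balanceOf(address(this)) - before;
    }

    /// Flawed: trusts the caller-supplied amount, so savedTokens overstates holdings.
    function donateUnsafe(IERC20 token, uint256 amount) external {
        _pull(token, amount);
        savedTokens[token] += amount;
    }

    /// Mitigation 1 ("disable"): reject any token whose transfer delivers less than `amount`.
    function donateStrict(IERC20 token, uint256 amount) external {
        require(_pull(token, amount) == amount, "fee-on-transfer token not supported");
        savedTokens[token] += amount;
    }

    /// Mitigation 2 ("use actual balance", delta form): credit only what arrived.
    function donateActual(IERC20 token, uint256 amount) external {
        savedTokens[token] += _pull(token, amount);
    }

    /// Positive when internal accounting overstates real holdings; zero when consistent.
    function overstatement(IERC20 token) external view returns (int256) {
        return int256(savedTokens[token]) - int256(token.balanceOf(address(this)));
    }
}
```

To exercise it, deploy `MockFeeToken`, approve the `Vault`, and call `donateUnsafe(token, 100e18)`: `overstatement(token)` returns `1e18`, the burned fee. `donateStrict` with the same arguments reverts, and `donateActual` leaves `overstatement` at zero because `savedTokens` grows by the 99e18 that actually landed in the contract.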
CloudEllie commented 2 years ago

Duplicate of #180