there is no owner balance checking before permit amount to spender. So owner can permit more than it`s balance to spender. Maybe this issue is not very risky but checking owner balance before permitting is more safe
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
Lines of code
https://github.com/code-423n4/2022-03-volt/blob/f1210bf3151095e4d371c9e9d7682d9031860bbd/contracts/vcon/Vcon.sol#L243
Vulnerability details
Impact
there is no owner balance checking before permit amount to spender. So owner can permit more than it`s balance to spender. Maybe this issue is not very risky but checking owner balance before permitting is more safe
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
Tools Used
manual analysis
Recommended Mitigation Steps :
Checking owner balance before permitting.