code423n4 commented 2 years ago

Unnecessary Usage of `transferFrom` when transferring from address(this)

The code for transfering tokens in:

Uses transferFrom while it could simply use transfer, this will save gas (less calldata and less checks)

Lack of safeTransfer

The code for sweeping tokens in:

Is not using safeTransfer, hence doesn't check if the transfer was successful, which is inconsistent with the rest of the code

Variable Shadowing

In NibblVault.sol

The variable _totalSupply is part of ERC20Upgradeable but certain functions are shadowing it It may be best to rename it to avoid potential mistakes

mundhrakeshav commented 2 years ago

16

HardlyDifficult commented 2 years ago

Merging with https://github.com/code-423n4/2022-06-nibbl-findings/issues/272

HardlyDifficult commented 2 years ago

1) is invalid.

code-423n4 / 2022-06-nibbl-findings

QA Report #283

Unnecessary Usage of `transferFrom` when transferring from address(this)

Lack of safeTransfer

Variable Shadowing

16

code-423n4 / 2022-06-nibbl-findings

QA Report #283

Unnecessary Usage of transferFrom when transferring from address(this)

Lack of safeTransfer

Variable Shadowing

16

Unnecessary Usage of `transferFrom` when transferring from address(this)