Open code423n4 opened 2 years ago
transferFrom
The code for transfering tokens in:
Uses transferFrom while it could simply use transfer, this will save gas (less calldata and less checks)
transfer
The code for sweeping tokens in:
Is not using safeTransfer, hence doesn't check if the transfer was successful, which is inconsistent with the rest of the code
In NibblVault.sol
NibblVault.sol
The variable _totalSupply is part of ERC20Upgradeable but certain functions are shadowing it It may be best to rename it to avoid potential mistakes
_totalSupply
ERC20Upgradeable
Merging with https://github.com/code-423n4/2022-06-nibbl-findings/issues/272
1) is invalid.
Unnecessary Usage of
transferFrom
when transferring from address(this)The code for transfering tokens in:
Uses
transferFrom
while it could simply usetransfer
, this will save gas (less calldata and less checks)Lack of safeTransfer
The code for sweeping tokens in:
Is not using safeTransfer, hence doesn't check if the transfer was successful, which is inconsistent with the rest of the code
Variable Shadowing
In
NibblVault.sol
The variable
_totalSupply
is part ofERC20Upgradeable
but certain functions are shadowing it It may be best to rename it to avoid potential mistakes