Open code423n4 opened 2 years ago
Contract: https://github.com/code-423n4/2022-07-yield/blob/main/contracts/Witch.sol#L180
Issue: auction function will fail at later stage even if vault id provided by user does not exist. This waste gas
Recommendation: Add below check:
DataTypes.Vault memory vault = cauldron.vaults(vaultId); require(vault.owner!=address(0), "Vault not found");
Contract: https://github.com/code-423n4/2022-07-yield/blob/main/contracts/Witch.sol#L286
Issue: If maxBaseIn is provided 0 value while calling payBase function, it means user is paying for 0 debt which does not make sense and should be reverted immediately to prevent gas. Same applies for payFYToken function
Recommendation: Add below check
require(maxBaseIn!=0,"Incorrect value");
Check non existing vault to save gas
Contract: https://github.com/code-423n4/2022-07-yield/blob/main/contracts/Witch.sol#L180
Issue: auction function will fail at later stage even if vault id provided by user does not exist. This waste gas
Recommendation: Add below check:
maxBaseIn cannot be 0
Contract: https://github.com/code-423n4/2022-07-yield/blob/main/contracts/Witch.sol#L286
Issue: If maxBaseIn is provided 0 value while calling payBase function, it means user is paying for 0 debt which does not make sense and should be reverted immediately to prevent gas. Same applies for payFYToken function
Recommendation: Add below check