Open code423n4 opened 1 year ago
DripsHub.setSplits
FUNCTION TO FRONTRUN OTHER USER'S DripsHub.split
FUNCTION CALL, WHICH CAN BREAK AGREEMENT BETWEEN THESE USERSDup M-04
NC
Caller.callBatched
FUNCTION IS LOCKED IN Caller
CONTRACT, WHICH IS RISKY TO USERS WHO DO NOT READ THIS FUNCTION'S CODEL
DripsHub.registerDriver
FUNCTION WITH MEANINGLESS driverAddr
INPUT FOR MANY TIMES CAN CAUSE EVENT LOG POISONING AND USE UP dripsHubStorage.nextDriverId
R, not realistic to dos
L due to lack of attack / risk
address(0)
CHECKS FOR CRITICAL ADDRESS INPUTSL
R
MAX_TOTAL_BALANCE
IS NOT CODED AS MINIMUM OF _MAX_TOTAL_DRIPS_BALANCE
AND _MAX_TOTAL_SPLITS_BALANCE
, WHICH DOES NOT MATCH CODE COMMENTL
R
NC
@param
USAGENC
NC
NC
4L 3R 5NC
GalloDaSballo marked the issue as grade-a
See the markdown file with the details of this report here.