code-423n4 / 2023-02-malt-findings


Upgraded Q -> 2 from #17 [1678363178694] #47

Closed c4-judge closed 1 year ago

c4-judge commented 1 year ago

Judge has assessed an item in Issue #17 as 2 risk. The relevant finding follows:

  1. Duplicated _swingTrader addresses can be added, which makes sellMalt()/buyMalt() work incorrectly https://github.com/code-423n4/2023-02-malt/blob/700f9b468f9cf8c9c5cffaa1eba1b8dea40503f9/contracts/StabilityPod/SwingTraderManager.sol#L407

Details

In function addSwingTrader(), there is no check to ensure the _swingTrader address does not already exist. So the admin can make a mistake and add the same _swingTrader address twice.

As a result, when there are duplicated _swingTrader addresses, all the for-loops over the swing trader list will account for the same address twice and lead to wrong results. It will affect sellMalt() and buyMalt(), which are core functions of the contract.

This issue depends on the admin making the mistake, but it is always better to add an input check.

Recommendation

Consider adding a check to ensure that no duplicated traderContract addresses can be added.
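
Added example, not part of the original thread and not code from the Malt repository: a simplified registry showing the kind of address-uniqueness check the finding recommends, next to an aggregate loop that a duplicate entry would distort. The contract, the interface, the id-keyed layout and every name in it (`TraderRegistrySketch`, `ITraderSketch`, `addTrader`, `isRegistered`, `totalCapital`) are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.11;

// Hypothetical stand-in for a trader contract; only what the sketch needs.
interface ITraderSketch {
    function capital() external view returns (uint256);
}

// Simplified model of an id-keyed trader registry. Not the Malt contract.
contract TraderRegistrySketch {
    address public immutable admin;
    mapping(uint256 => address) public traderById; // id -> trader contract
    mapping(address => bool) public isRegistered;  // added uniqueness index
    uint256[] public traderIds;                    // iterated by aggregate loops

    constructor() {
        admin = msg.sender;
    }

    function addTrader(uint256 id, address trader) external {
        require(msg.sender == admin, "Only admin");
        require(trader != address(0), "No addr(0)");
        // In this sketch a unique id alone does not stop one address
        // from being listed under two different ids.
        require(traderById[id] == address(0), "Id already used");
        // Input check of the kind the finding recommends: reject a repeated address.
        require(!isRegistered[trader], "Trader already added");

        traderById[id] = trader;
        isRegistered[trader] = true;
        traderIds.push(id);
    }

    // Aggregate loop of the kind the finding refers to. Without the
    // isRegistered check, a trader listed twice would be counted twice here.
    function totalCapital() external view returns (uint256 total) {
        uint256 length = traderIds.length;
        for (uint256 i = 0; i < length; ++i) {
            total += ITraderSketch(traderById[traderIds[i]]).capital();
        }
    }
}
```

If a registry like this also supports removing traders, the removal path has to clear `isRegistered` for that address so it can be added again later.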

c4-judge commented 1 year ago

Picodes marked the issue as satisfactory

c4-judge commented 1 year ago

Picodes marked the issue as duplicate of #34