search

hats-finance / Euro-Dollar-0xa4ccd3b6daa763f729ad59eae75f9cbff7baf2cd

Audit competition repository for Euro-Dollar (0xa4ccd3b6daa763f729ad59eae75f9cbff7baf2cd)
https://hats.finance
MIT License
3 stars 2 forks source link

Signature use at deadlines should be allowed #6

Open hats-bug-reporter[bot] opened 1 month ago

hats-bug-reporter[bot] commented 1 month ago

Github username: -- Twitter username: -- Submission hash (on-chain): 0x315dfb2fb8554c58ecec1d74ffae951070be39a601b3437de3771055dede0184 Severity: low

Description: Description\ According to EIP-2612, signatures used on exactly the deadline timestamp are supposed to be allowed. While the signature may or may not be used for the exact EIP-2612 use case (transfer approvals), for consistency's sake, all deadlines should follow this semantic. If the timestamp is an expiration rather than a deadline, consider whether it makes more sense to include the expiration timestamp as a valid timestamp, as is done for deadlines.

Instances (2):

File: YieldOracle.sol

71:         require(lastUpdate + updateDelay < block.timestamp, "Insufficient update delay");

95:         require(lastUpdate + commitDelay < block.timestamp, "Insufficient commit delay");
AndreiMVP commented 1 month ago

That's a suggestion but doesn't look like a problem in practice.