Open hats-bug-reporter[bot] opened 8 months ago
GitHub username: @saidqayoumsadat
Submission hash (on-chain): 0xcbcca374d0d278b9d4e66cb41bc59342e77f215944efa72f259615c36d425ee7
Severity: low
Description:
Code should follow the best practice of checks-effects-interactions, where state variables are updated before any external calls are made. Doing so prevents a large class of reentrancy bugs.
file: /contracts/mocks/ERC20Mock.sol, line 69: `delegates[msg.sender] = delegatee;`
https://github.com/hats-finance/hats-contracts/blob/0d6ebbde912bc272d9b310140d434ee2aacd36d3/contracts/mocks/ERC20Mock.sol#L69
file: /contracts/mocks/HatVaultForConnectorMock.sol, line 93: `activeClaim.challengedAt = uint32(block.timestamp);`
https://github.com/hats-finance/hats-contracts/blob/0d6ebbde912bc272d9b310140d434ee2aacd36d3/contracts/mocks/HatVaultForConnectorMock.sol#L93
file: /contracts/HATArbitrator.sol, line 128: `totalBondsOnClaim[_vault][_claimId] += _bondAmount;`
https://github.com/hats-finance/hats-contracts/blob/0d6ebbde912bc272d9b310140d434ee2aacd36d3/contracts/HATArbitrator.sol#L128
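The ordering this report describes, shown as an added example that is not part of the original submission and is not code from hats-contracts. The contract, interface and function names, the parameter types and the surrounding logic are assumptions; only the `totalBondsOnClaim[_vault][_claimId] += _bondAmount;` statement is taken from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical minimal token interface, for illustration only.
interface IERC20Like {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical contract; not the HATArbitrator implementation.
contract BondLedgerExample {
    IERC20Like public immutable token;

    // Same shape as the mapping named in the report (key types assumed):
    // vault => claimId => total bonded.
    mapping(address => mapping(bytes32 => uint256)) public totalBondsOnClaim;

    constructor(IERC20Like _token) {
        token = _token;
    }

    // Ordering the report flags: the external call runs before the state
    // write. Any code reached through the token during transferFrom (for
    // example a transfer hook) runs while totalBondsOnClaim does not yet
    // include this bond.
    function submitBondInteractionFirst(address _vault, bytes32 _claimId, uint256 _bondAmount) external {
        require(_bondAmount > 0, "zero bond");                              // check
        require(
            token.transferFrom(msg.sender, address(this), _bondAmount),     // interaction
            "transfer failed"
        );
        totalBondsOnClaim[_vault][_claimId] += _bondAmount;                 // effect (late)
    }

    // Checks-effects-interactions: storage is final before control leaves
    // the contract. If the transfer fails, the revert also undoes the
    // state write, so the accounting stays consistent.
    function submitBondEffectsFirst(address _vault, bytes32 _claimId, uint256 _bondAmount) external {
        require(_bondAmount > 0, "zero bond");                              // check
        totalBondsOnClaim[_vault][_claimId] += _bondAmount;                 // effect
        require(
            token.transferFrom(msg.sender, address(this), _bondAmount),     // interaction
            "transfer failed"
        );
    }
}
```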