Closed sherlock-admin closed 1 year ago
GIGI
medium
https://github.com/JOJOexchange/smart-contract-EVM/blob/4a95a8e9a6367ae88dc827e29467229cb5bbad4f/contracts/lib/Trading.sol#L62 The logic that checks if traders are sorted in the approveTrade function is flawed. The condition orderList[i].signer > orderList[i - 1].signer is used to increment the uniqueTraderNum , it seems to assume that the signers are ordered in a ascending order, however .signer is an ethereum address.
orderList[i].signer > orderList[i - 1].signer
uniqueTraderNum
.signer
This faulty logic check might cause the contract unable to deliver transaction because of address mismatch.
It might be more appropriate to use != instead of >. This way the contract will be able to match order regardless of the address ordering.
if (orderList[i].signer != orderList[i - 1].signer) { uniqueTraderNum = uniqueTraderNum + 1; } else { require( orderList[i].signer == orderList[i - 1].signer, Errors.ORDER_WRONG_SORTING ); }
GIGI
medium
Faulty Logic in Trader Sorting
https://github.com/JOJOexchange/smart-contract-EVM/blob/4a95a8e9a6367ae88dc827e29467229cb5bbad4f/contracts/lib/Trading.sol#L62 The logic that checks if traders are sorted in the approveTrade function is flawed. The condition
orderList[i].signer > orderList[i - 1].signeris used to increment theuniqueTraderNum, it seems to assume that the signers are ordered in a ascending order, however.signeris an ethereum address.This faulty logic check might cause the contract unable to deliver transaction because of address mismatch.
It might be more appropriate to use != instead of >. This way the contract will be able to match order regardless of the address ordering.