sherlock-audit / 2024-06-velocimeter-judging


Funny Merlot Yeti - Public checkpoint function from VotingEscrow performs state changes #707

Closed sherlock-admin4 closed 3 months ago

sherlock-admin4 commented 3 months ago

Funny Merlot Yeti

Low/Info

Public checkpoint function from VotingEscrow performs state changes

Summary

The checkpoint external function calls the _checkpoint internal function, which performs various internal state updates.

Vulnerability Detail

The external function named checkpoint does not have any access modifier, which means any entity can call it freely. The function calls the internal implementation _checkpoint, which records a new checkpoint by updating point_history, user_point_history and slope_changes.

Looking at the reference contract, it seems that the _checkpoint function was not meant to be called by external actors.

Impact

Low impact.

Code Snippet

N/A

Tool used

Manual Review

Recommendation

Decide whether the checkpoint() external function is really needed. If it is needed, at least consider adding nonReentrant to it.
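The recommendation above, sketched as an added example; this is not code from the audited repository or from the submission. The contract name CheckpointSketch, the _entered lock variable, the reduced Point struct and the linear decay step are assumptions made for illustration, and user_point_history and slope_changes are left out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Simplified sketch, NOT the audited VotingEscrow: only the global
// point_history path is modelled, with a reduced linear decay step.
contract CheckpointSketch {
    struct Point {
        int128 bias;
        int128 slope;
        uint256 ts;
        uint256 blk;
    }

    uint256 public epoch;
    mapping(uint256 => Point) public point_history;

    // Minimal reentrancy lock (same idea as OpenZeppelin's ReentrancyGuard).
    uint8 private _entered = 1;

    modifier nonReentrant() {
        require(_entered == 1, "reentrant call");
        _entered = 2;
        _;
        _entered = 1;
    }

    constructor() {
        point_history[0] = Point(0, 0, block.timestamp, block.number);
    }

    // Still callable by anyone, as in the finding, but it cannot be
    // re-entered while another guarded function is mid-update.
    function checkpoint() external nonReentrant {
        _checkpoint();
    }

    // Appends one global point for the current block. No caller-supplied
    // input reaches storage in this sketch; a repeat call in the same
    // block adds a point with identical bias and slope.
    function _checkpoint() internal {
        Point memory last = point_history[epoch];
        int128 elapsed = int128(int256(block.timestamp - last.ts));
        last.bias -= last.slope * elapsed;
        if (last.bias < 0) last.bias = 0;
        last.ts = block.timestamp;
        last.blk = block.number;
        epoch += 1;
        point_history[epoch] = last;
    }
}
```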