search

sujithsomraaj / lifi-stargate-v2-audit

3 Day Review [10 Jun 2024 - 13 Jun 2024]
0 stars 0 forks source link

`ReentrancyGuard` is unused in `ReceiverStargateV2` #10

Open sujithsomraaj opened 5 months ago

sujithsomraaj commented 5 months ago

Context: ReceiverStargateV2.sol#L42

Description: The ReentrancyGuard is imported and inherited by the ReceiverStargateV2 contract. However, the helper contract functions are not used anywhere in the ReceiverStargateV2 context.

The function lzCompose is protected; hence, re-entrancy is impossible, as lzEndpoint clears the payload before making the external call to ReceiverStargateV2.

The function pullToken is also owner-protected, preventing re-entrancy.

Recommendation: Evaluate the need for reentrancy import in the contract and remove it if it is not required.

LI.FI:

Researcher:

0xDEnYO commented 5 months ago

Thanks for pointing this out. Was just an unused import. Removed and closing this issue.