The MainHelper::_updatePseudoTotalAmounts function will ensure that a non-zero feeAmount is extracted, however, a non-zero feeAmount does not necessarily guarantee a non-zero amount of feeShares as shares may become over-valued as the project grows.
We advise the code to instead ensure that feeShares is non-zero and to return early if it is zero, optimizing the gas cost of the function significantly.
vm06007
commented
1 year ago
MHR-07C: Weak Validation of Non-Zero Fees
Description:
The
MainHelper::_updatePseudoTotalAmountsfunction will ensure that a non-zerofeeAmountis extracted, however, a non-zerofeeAmountdoes not necessarily guarantee a non-zero amount offeeSharesas shares may become over-valued as the project grows.Example:
Recommendation:
We advise the code to instead ensure that
feeSharesis non-zero and toreturnearly if it is zero, optimizing the gas cost of the function significantly.