Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inclusive conditions #202

Open
code423n4 opened this issue Feb 2, 2022 · 1 comment
Open

Inclusive conditions #202

code423n4 opened this issue Feb 2, 2022 · 1 comment
Labels
0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working

Comments

@code423n4
Copy link
Contributor

Handle

pauliax

Vulnerability details

Impact

Either the error message or condition is not exactly correct, to cover the case when newBalance = reserveBalance:

  require(newBalance < reserveBalance, "cannot increase reserve balance");

These conditions should probably also be inclusive:

  coolDown.redeemWindowBegin < block.timestamp &&
  block.timestamp < coolDown.redeemWindowEnd
@code423n4 code423n4 added 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working labels Feb 2, 2022
code423n4 added a commit that referenced this issue Feb 2, 2022
@code423n4
pauliax issue #202
2980c73
@pauliax
Copy link
Collaborator

pauliax commented Feb 15, 2022

I am grouping all issues related to inclusive conditions together and marking this issue as primary because it contains both cases, redeem window, and balances. No significant impact, so leaving it with a non-critical severity.

This was referenced Feb 15, 2022
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pauliax @code423n4