Summary
In this audit, I reviewed the claim function of the Beedle contract and compared two different versions of the function. The goal was to identify any vulnerabilities and suggest improvements for better gas optimization and security.
Vulnerability Details
The claim function lacked a check for the user's claimable balance, potentially leading to unnecessary token transfers when users had no tokens to claim.
Impact
Without the claimable balance check, the claim function could result in additional gas costs and potentially waste network resources for users with zero tokens to claim.
Tools Used
For this audit, I used Slither to perform code analysis and detect potential vulnerabilities in the smart contract.
Recommendations
Based on the findings, I recommend adopting the committed version of the claim function, as it includes a claimable balance check before initiating the token transfer. This check ensures that only users with a positive claimable balance receive tokens, reducing unnecessary gas costs and optimizing the contract's performance.
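function claim() external {
    // Update the caller's accounting before reading the claimable amount.
    updateFor(msg.sender);
    uint256 claimAmount = claimable[msg.sender];
    // Revert early when there is nothing to claim, so no zero-value transfer is made.
    require(claimAmount > 0, "No tokens to claim");
    // Zero the entry before the external call (checks-effects-interactions).
    claimable[msg.sender] = 0;
    require(
        WETH.transfer(msg.sender, claimAmount),
        "Token transfer failed"
    );
    // Refresh the cached balance after the transfer so it reflects the post-claim amount.
    balance = WETH.balanceOf(address(this));
}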