Submission Details
Severity:
`mowAndMigrate` is payable which is unnecessary
Summary
The function is marked as payable, but it does not interact with Ether transfers, and there are no payable functions being called within it.
Vulnerability Details
See the below code:
function mowAndMigrate(
address account,
address[] calldata tokens,
uint32[][] calldata seasons,
uint256[][] calldata amounts,
uint256 stalkDiff,
uint256 seedsDiff,
bytes32[] calldata proof
) external payable {
uint256 seedsVariance = LibLegacyTokenSilo._mowAndMigrate(account, tokens, seasons, amounts);
//had to break up the migration function into two parts to avoid stack too deep errors
LibLegacyTokenSilo._mowAndMigrateMerkleCheck(account, stalkDiff, seedsDiff, proof, seedsVariance);
}
Impact
The presence of the payable modifier might mislead developers into thinking that the function interacts with Ether, potentially leading to confusion.
Tools Used
Manual Review
Recommendations
Unless there is a specific reason for the function to accept Ether, such as receiving payments or handling refunds, the payable modifier should be removed.
Updates
Lead Judging Commences
giovannidisiena over 1 year ago
Submission Judgement Published Reason: Non-acceptable severity
Assigned finding tags:
Informational/Invalid
Stuck funds
Prize pool breakdown
Total prize
100,000 USDC
nSLOC
5,77617 USDC / LOC
95,000 USDC
5,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.