Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Missing check for zero value in setBalance(), MockVeToken.sol

hawks

Summary

The function setBalancemodifies token balances and voting power.

Vulnerability Details

The setBalance function does not actually check for sufficiency before minting/burning, it simply executes based on the difference This causes unnecessary minting/burning operations, leading to potential gas inefficiencies and possible unintended state changes.

If currentBalance == balance == 0, then no minting or burning occurs. If the function is called repeatedly with balance == 0, it still executes logic unnecessarily leading to gas inefficiencies.

// @ audit missing check for zero value for balance & currentBalance
function setBalance(address account, uint256 balance) external {
uint256 currentBalance = balanceOf(account);
if (currentBalance < balance) {
_mint(account, balance - currentBalance);
_votingPower[account] += (balance - currentBalance);
_totalVotingPower += (balance - currentBalance);
} else if (currentBalance > balance) {
_burn(account, currentBalance - balance);
_votingPower[account] -= (currentBalance - balance);
_totalVotingPower -= (currentBalance - balance);
}
}

Impact

Increase gas without doing anything.

Tools Used

Manual review

Recommendations

Add a check at the start of the function to return early if both values are zero.

If (currentBalance == balance) {
return;
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.