Outdated comment at calculateWithdrawalAmountsOnPartVaults #13
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Handle
gpersoon
Vulnerability details
Impact
The comment calculateWithdrawalAmountsOnPartVaults says it returns true of false (e.g. boolean).
However the function implementation returns:
uint256 withdrawType
Probably the comment is outdated, which can be confusing.
Proof of Concept
// https://github.com/code-423n4/2021-06-gro/blob/main/contracts/insurance/Insurance.sol#L329
/// @notice Calculate withdrawal amounts based on part vaults, if the sum of part vaults'
/// maxWithdrawal can meet required amount, return true and valid array,
/// otherwise return false and invalid array
...
function calculateWithdrawalAmountsOnPartVaults(uint256 amount, address[N_COINS] memory vaults)
private view returns (uint256 withdrawType, uint256[N_COINS] memory withdrawalAmounts)
{
Tools Used
Recommended Mitigation Steps
Fix the comment of function calculateWithdrawalAmountsOnPartVaults
The text was updated successfully, but these errors were encountered: