Upgraded Q -> M from 294 [1654058024144] #329
Labels: 2 (Med Risk) - Assets not at direct risk, but function/availability of the protocol could be impacted or leak value; bug - Something isn't working; duplicate - This issue or pull request already exists
Judge has assessed an item in Issue #294 as Medium risk. The relevant finding follows:
Beneficiary is credited additional ETH above premium
The Cally#buyOption function ensures that the caller sends an ETH amount equal to or greater than the calculated premium:
buyOption#L224
It then credits the beneficiary with an amount equal to msg.value:
buyOption#L250
If the caller of buyOption sends excess ETH above the premium amount, this additional amount is credited to the beneficiary.
Recommendation: If this is intentional, clearly document this behavior for end users. If not, consider requiring an exact premium amount rather than accepting additional ETH.
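Added illustration (not Cally's code, and not part of the judge's post): a hypothetical contract that places the loose `msg.value >= premium` pattern from the finding beside two tightened variants, one requiring the exact premium and one crediting only the premium and refunding the remainder. The `premium` parameter, the `ethBalance` mapping and the function names are assumptions for the example; in Cally the premium is computed inside buyOption.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Hypothetical example contract, written for this issue; not the Cally source.
contract OptionPremiumExample {
    // Assumed accounting: ETH owed to each address.
    mapping(address => uint256) public ethBalance;

    // Loose pattern from the finding: the check only enforces a lower bound,
    // and the credit uses msg.value, so any overpayment goes to the beneficiary.
    function buyOptionLoose(address beneficiary, uint256 premium) external payable {
        require(msg.value >= premium, "insufficient premium");
        ethBalance[beneficiary] += msg.value;
    }

    // Tightened pattern 1: demand the exact premium, so an overpayment reverts
    // instead of silently changing what the beneficiary is credited.
    function buyOptionExact(address beneficiary, uint256 premium) external payable {
        require(msg.value == premium, "must send exact premium");
        ethBalance[beneficiary] += premium;
    }

    // Tightened pattern 2: still accept >= premium, but credit only the premium
    // and return the excess to the caller (state updated before the external call).
    function buyOptionRefund(address beneficiary, uint256 premium) external payable {
        require(msg.value >= premium, "insufficient premium");
        ethBalance[beneficiary] += premium;
        uint256 excess = msg.value - premium;
        if (excess > 0) {
            (bool ok, ) = msg.sender.call{value: excess}("");
            require(ok, "refund failed");
        }
    }
}
```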