Code4renaCODE423N4:2022-11-DEBTDAO-FINDINGS-ISSUES-524Upgraded Q -> M from #76 [1670347574630]
Judge has assessed an item in Issue #76 as M risk. The relevant finding follows:
L02] address.call{value:x}() should be used instead of payable.transfer()
Impact
The use of payable.transfer() is heavily frowned upon because it can lead to the locking of funds. The transfer() call requires that the recipient has a payable callback, only provides 2300 gas for its operation. This means the following cases can cause the transfer to fail:
The contract does not have a payable callback
The contractβs payable callback spends more than 2300 gas (which is only enough to emit something)
The contract is called through a proxy which itself uses up the 2300 gas
Findings:
Line-of-Credit/contracts/utils/LineLib.sol::48 => payable(receiver).transfer(amount);
The text was updated successfully, but these errors were encountered:
All reactions