You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In transferFrom first receiver balance is increment and only then spender balance is decremented.
This allows to send more than you have. It is very minor as you send it to your self and total balance is not affected.
However, it is inconsistent with transfer where you first decrements sender balance and only then increment receiver balance.
The text was updated successfully, but these errors were encountered:
Just to clarify for everyone who sees this, this is only a minor problem because the sender's balance remains the same. However, attempting a transfer of more than the balance should fail.
I think this is actually an oversight in the ERC20 spec, too. For transfer it specifies that it should throw if the sender doesn't have enough balance, but it doesn't say anything for transferFrom.
Do you want to submit a PR swapping the sub and add lines, @yaronvel?
Thanks, I will submit PR soon.
One should also be aware that Transfer event will be logged. So if some services rely on this log (e.g., measure daily volume), it could be a real issue.
In
transferFrom
first receiver balance is increment and only then spender balance is decremented.This allows to send more than you have. It is very minor as you send it to your self and total balance is not affected.
However, it is inconsistent with
transfer
where you first decrements sender balance and only then increment receiver balance.The text was updated successfully, but these errors were encountered: