fix #563 & #564 #566

alexcos20 · 2022-03-16T07:58:18Z

Closes #563
Closes #564

Changes:

When deploying a new FixedRate or Dispenser, you need ERC20Deployer role
When an owner tries to set FixedRateExchange.toggleMintState, we check if the owner still has rights
When nft.transfer is called, all ERC20 will do:
- _terminateAllMintFixedRates - loops through every FixedRate for that datatoken, and if that fixedrate has mint right, will be deleted (transfering all funds to owner (datatokens, basetokens), marketFees and OPCFees
- _terminateAllMintDispensers- loops through every Dispenser for that datatoken, and if that dispenser has mint right, will be deleted

alexcos20 · 2022-03-16T21:41:12Z

Got confirmation from halborn that all 4 issues are false positive, so we are good to merge this

fix #563 & #564

6c542af

alexcos20 added this to the V4 milestone Mar 16, 2022

alexcos20 self-assigned this Mar 16, 2022

alexcos20 requested a review from trentmc as a code owner March 16, 2022 07:58

This was linked to issues Mar 16, 2022

Mint attack on FixedRateExchange using NFT.transfer #563

Closed

Mint attack on FixedRateExchange using worthless ERC20 #564

Closed

alexcos20 requested a review from mihaisc March 16, 2022 07:59

alexcos20 added 2 commits March 16, 2022 01:00

remove console.log

30819a0

fix reentrancy

a1ddb82

alexcos20 merged commit ee34bfb into feature/v1.0.0-rc1 Mar 17, 2022

alexcos20 deleted the bug/fre_vulnerabilities branch March 17, 2022 05:36

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix #563 & #564 #566

fix #563 & #564 #566

alexcos20 commented Mar 16, 2022

alexcos20 commented Mar 16, 2022

fix #563 & #564 #566

fix #563 & #564 #566

Conversation

alexcos20 commented Mar 16, 2022

alexcos20 commented Mar 16, 2022