[SEC-F24] Very small refunds are possible and block later refunds
krpeacock opened this issue · 0 comments
krpeacock commented
Observation
In `refund_invoice`, an arbitrarily small refund (larger than the fee) is possible. After a refund, no further refund is possible.
The only way to refund would be to refund by doing transfers completely outside of the invoice canister. However, that would not be documented in the invoice.
Risk Description
If a very small refund is made accidentally, this may block further refunds.
Recommendations
- Specify (in the design) the intended behavior of refund flows.
  - E.g. should it be possible to refund several times? How would that be documented in the invoice stored on the canister?
- Alternately: remove the refund feature.
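The behaviour described in this issue, modelled next to one possible answer to the design question it raises. This is an added example, not part of the issue and not the invoice canister's code: the class names, the `FEE` value, the upper-bound check and the multi-refund design are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

FEE = 10_000  # constructed fee in smallest token units (assumption)

class RefundError(Exception):
    """Raised when a refund request is rejected."""

@dataclass
class SingleRefundInvoice:
    """Model of the reported behaviour: one refund, any size above the fee."""
    amount_paid: int
    refunded: bool = False
    refund_amount: int = 0

    def refund(self, amount: int) -> None:
        if self.refunded:
            raise RefundError("invoice already refunded")
        if amount <= FEE or amount > self.amount_paid:
            raise RefundError("amount out of range")
        self.refunded, self.refund_amount = True, amount

@dataclass
class MultiRefundInvoice:
    """Hypothetical alternative: each refund is recorded on the invoice."""
    amount_paid: int
    refunds: list = field(default_factory=list)

    @property
    def refundable(self) -> int:
        return self.amount_paid - sum(self.refunds)

    def refund(self, amount: int) -> None:
        if amount <= FEE:
            raise RefundError("amount must exceed the fee")
        if amount > self.refundable:
            raise RefundError("amount exceeds remaining balance")
        self.refunds.append(amount)

def stranded_after(invoice, first: int, second: int) -> int:
    """Apply two refunds; return how much of `second` was rejected."""
    invoice.refund(first)
    try:
        invoice.refund(second)
    except RefundError:
        return second
    return 0
```

With a constructed payment of 1,000,000 units, a first refund of 10,001 leaves 989,999 stranded in the single-refund model, while the multi-refund model returns it and keeps both entries on the invoice.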