Code does not follow the best practice of check-effects-interaction

Question

Code does not follow the best practice of check-effects-interaction

Opened this issue a year ago · 0 comments

Github username: @saidqayoumsadat
Submission hash (on-chain): 0xcbcca374d0d278b9d4e66cb41bc59342e77f215944efa72f259615c36d425ee7
Severity: low

Description:
Description

Code should follow the best-practice of check-effects-interaction, where state variables are updated before any external calls are made. Doing so prevents a large class of reentrancy bugs.

file: /contracts/mocks/ERC20Mock.sol

69        delegates[msg.sender] = delegatee;

https://github.com/hats-finance/hats-contracts/blob/0d6ebbde912bc272d9b310140d434ee2aacd36d3/contracts/mocks/ERC20Mock.sol#L69

file: /contracts/mocks/HatVaultForConnectorMock.sol

93        activeClaim.challengedAt = uint32(block.timestamp);

https://github.com/hats-finance/hats-contracts/blob/0d6ebbde912bc272d9b310140d434ee2aacd36d3/contracts/mocks/HatVaultForConnectorMock.sol#L93

file: /contracts/HATArbitrator.sol
 
128        totalBondsOnClaim[_vault][_claimId] += _bondAmount;

https://github.com/hats-finance/hats-contracts/blob/0d6ebbde912bc272d9b310140d434ee2aacd36d3/contracts/HATArbitrator.sol#L128