kgothatso - user can call `announceLimitOrder` with same tokens
Closed this issue · 2 comments
sherlock-admin2 commented
kgothatso
medium
user can call announceLimitOrder with same tokens
Summary
user can call announceLimitOrder with same tokens
Vulnerability Detail
user can call announceLimitOrder with same tokens and cancel one order limit cancelLimitOrder
Impact
incorrect calculation for liquidation
Code Snippet
https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/LimitOrder.sol#L58
https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/LimitOrder.sol#L87
Tool used
Manual Review
Recommendation
check to see if token has been used to make announceLimitOrder if yes then revert
sherlock-admin commented
1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid
nevillehuang commented
Invalid, almost no impact of issue described