status-network-token icon indicating copy to clipboard operation
status-network-token copied to clipboard

Published 20 hours ago verified publisher icon status-im

High : checking if caller during sale is done incorrectly

Open ytrezq opened this issue 6 years ago • 0 comments
trafficstars 

    // Do not allow contracts to game the system
    require(!isContract(caller));

There’s a well‑known case where a caller has codesize of 0 and is a contract. It should always use a tx.origin comparison instead. Still better to fix it for those who might copy this wrong code.

ytrezq avatar Sep 16 '19 00:09 ytrezq