Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🔒 Add extcodesize check to SafeTransferLib #424

Merged
merged 7 commits into from
Oct 27, 2024

Conversation

MiloTruck
Copy link
Contributor

@MiloTruck MiloTruck commented Oct 17, 2024

Description

Add an extcodesize check to all ERC20-related functions in SafeTransferLib, which ensures that the address at token has code if it does not return true.

Checklist

Ensure you completed all of the steps below before submitting your pull request:

  • Ran forge snapshot?
  • Ran npm run lint?
  • Ran forge test?

Pull requests with an incomplete checklist will be thrown out.

@transmissions11 transmissions11 changed the title Add extcodesize check to SafeTransferLib 🔒 Add extcodesize check to SafeTransferLib Oct 17, 2024
@transmissions11
Copy link
Owner

LGTM — can remove the "/// @dev Note that none of the functions in this library check that a token has code at all! That responsibility is delegated to the caller." notice at the top too now right?

@MiloTruck
Copy link
Contributor Author

LGTM — can remove the "/// @dev Note that none of the functions in this library check that a token has code at all! That responsibility is delegated to the caller." notice at the top too now right?

You're right, I've removed the warning.

@MiloTruck
Copy link
Contributor Author

MiloTruck commented Oct 18, 2024

I've added a short-circuit to avoid calling extcodesize for tokens that return true, as suggested by @Vectorized here.

@transmissions11 transmissions11 merged commit 80d48c6 into transmissions11:main Oct 27, 2024
1 check failed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants