Purchasing and committing still possible after launch.md

10 - Purchasing and committing still possible after launch

Even after GenesisGroup.launch has successfully been executed, it is still possible to invoke GenesisGroup.purchase and GenesisGroup.commit.

Recommendation:

Consider adding validation in GenesisGroup.purchase and GenesisGroup.commit to make sure that these functions cannot be called after the launch.

---

Slide Screenshot

---

Slide Text

• ConsenSys Audit Fei Finding 3.2
• Timing
• Critical Severity
• Purchase & Commit After Launch
• State-tracking Function Validation

---

References

• Youtube Reference
• Critical severity finding from Consensys Diligence Audit of Fei Protocol

---

Tags