|
|
@@ -60,13 +60,13 @@ abstract contract ERC20Snapshot is ERC20 {
|
|
|
*
|
|
|
* Emits a {Snapshot} event that contains the same id.
|
|
|
*
|
|
|
- * {_snapshot} is `internal`: you must decide how to expose it externally. This can be done both by
|
|
|
- * guarding it with a system such as {AccessControl}, or by leaving it open to the public.
|
|
|
+ * {_snapshot} is `internal` and you have to decide how to expose it externally. It's usage may be restricted to a
|
|
|
+ * set of accounts, for example using {AccessControl}, or it may be open to the public.
|
|
|
*
|
|
|
* [WARNING]
|
|
|
* ====
|
|
|
* While an open way of calling {_snapshot} is required for certain trust minimization mechanisms such as forking,
|
|
|
- * you must consider that it can potentially be used by attackers in two ways.
|
|
|
+ * you must consider that it can potentially be used by attackers in two ways.
|
|
|
*
|
|
|
* First, it can be used to increase the cost of retrieval of values from snapshots, although it will grow
|
|
|
* logarithmically thus rendering this attack ineffective in the long term. Second, it can be used to target
|
Francisco Giordano