diff --git a/contracts/instances/ERC20TornadoCloneable.sol b/contracts/instances/ERC20TornadoCloneable.sol
index d972d1e..20c609f 100644
--- a/contracts/instances/ERC20TornadoCloneable.sol
+++ b/contracts/instances/ERC20TornadoCloneable.sol
@@ -161,10 +161,17 @@ contract ERC20TornadoCloneable is ERC20Tornado {
 uint256 _fee,
 uint256 _refund
 ) internal override {
+ // This is the part which we don't check if infra is down
 if (router != address(0)) {
 require(msg.sender == router, "if infrastructure not dead, router must be caller");
 }

+ // This check should make sure that a user doesn't doom his refund by chance
+ if (_relayer == address(0)) {
+ require(_fee == 0 && _refund == 0, "no fees and refunds if no relayer");
+ }
+
+ // Call the regular super version of the function
 super._processWithdraw(_recipient, _relayer, _fee, _refund);
 }
 }
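Review bot: When `router == address(0)` the caller check at the top of this override is skipped and any `msg.sender` reaches `super._processWithdraw`, yet the added comment `// This is the part which we don't check if infra is down` does not say what sets `router` to zero or who is allowed to do so. That is the security-relevant invariant of this function, so I would word the comment as `// Router configured: only the router may trigger withdrawals. router == address(0) means the infrastructure is retired and direct calls are accepted.` and document next to the `router` declaration (outside this hunk) who can clear it. The new zero-relayer guard reads correctly as a safety net, but it sits in the internal hook and so presumably runs only after the parent's earlier withdrawal checks; rejecting the same condition in the calling front end or router as well would spare users paying for a revert. The function signature begins above the hunk, so the parameter types and what `super._processWithdraw` does with `_relayer` are not visible here.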