you have
Note Transfers of 0 values MUST be treated as normal transfers and fire the
Transfer
event.
I am security auditor and I often face with clients who have
require(amount > 0, "prohibited");
in their erc-20 token implementation.
It looks intuitive, that indeed, transfer for zero amount makes not sense.
-
Why EIP-20 states “MUST” for allowing such transfers? What is the rationale behind?
-
What is the risk if you prohibit transfer for zero amount?
My proposal is to add sich rationale inside EIP-20 standard to avoid confusion and incompliency