GalloDaSballo
commented
2 years ago Agree with finding, will keep this as the main finding and set others to dupes
Open code423n4 opened 3 years ago
GalloDaSballo
commented
2 years ago Agree with finding, will keep this as the main finding and set others to dupes
Handle
shenwilly
Vulnerability details
Impact
Accidental use of zero-address from faulty deployment script can force re-deployment of contract. Recommend adding zero-address check on
Factory.solconstructor, especially because_auctionImpl&_basketImplare unchangeable.Proof of Concept
https://github.com/code-423n4/2021-09-defiProtocol/blob/52b74824c42acbcd64248f68c40128fe3a82caf6/contracts/contracts/Factory.sol#L18-L22
Recommended Mitigation Steps
Consider adding zero address checks in the
Factory.solconstructor.