Open code423n4 opened 3 years ago
leastwood
Events are used by off-chain participants to track on-chain state changes. There are several functions that don't emit events:
MISOLauncher.sol
ListFactory.setDividends()
There are potentially other functions also lacking the use of events.
https://github.com/sushiswap/miso/blob/master/contracts/Access/ListFactory.sol#L137-L139 https://github.com/sushiswap/miso/blob/master/contracts/MISOLauncher.sol
Slither
Consider adding an event to reflect any state changes made within a contract.
This is true but state changes can be monitored without events, does not constitute a security problem
making this a non-critical as it is best practices recommendation
Handle
leastwood
Vulnerability details
Impact
Events are used by off-chain participants to track on-chain state changes. There are several functions that don't emit events:
MISOLauncher.sol
ListFactory.setDividends()
There are potentially other functions also lacking the use of events.
Proof of Concept
https://github.com/sushiswap/miso/blob/master/contracts/Access/ListFactory.sol#L137-L139 https://github.com/sushiswap/miso/blob/master/contracts/MISOLauncher.sol
Tools Used
Slither
Recommended Mitigation Steps
Consider adding an event to reflect any state changes made within a contract.