Open code423n4 opened 2 years ago
cmichel
Some parameters of functions are not checked for invalid values:
Manager.constructor
_yaxis
StablesConverter.constructor
BaseStrategy.constructor
Wrong user input or wallets defaulting to the zero addresses for a missing input can lead to the contract needing to redeploy or wasted gas.
Validate the parameters.
I don't see any risk in that, as all the mentioned functions are constructors
Agree with sponsor, no risk here
At the same time, having checks in constructor is industry standard, will set to Non-Critical
Handle
cmichel
Vulnerability details
Some parameters of functions are not checked for invalid values:
Manager.constructor
:_yaxis
can be zero and a non-contract.StablesConverter.constructor
: all parameters could be zeroBaseStrategy.constructor
: all parameters could be zeroImpact
Wrong user input or wallets defaulting to the zero addresses for a missing input can lead to the contract needing to redeploy or wasted gas.
Recommended Mitigation Steps
Validate the parameters.