search

code-423n4 / 2022-05-backd-findings

0 stars 0 forks source link

QA Report #130

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

1 Immutable

Impact the state can't be initialize by constructor.

Proof Of Concept

https://github.com/code-423n4/2022-05-backd/blob/2a5664d35cde5b036074edef3c1369b984d10010/protocol/contracts/tokenomics/VestedEscrow.sol#L35

Tool Used Manual Review

Recommended Mitigation Steps the state must add immutable because in the constructor parameter mention fundAdmin to initialize. so i suggest to add immutable on it.

address public fundAdmin;

to

address public immutable fundAdmin;

2 Typo

Impact missleading

Proof of Concept https://github.com/code-423n4/2022-05-backd/blob/2a5664d35cde5b036074edef3c1369b984d10010/protocol/contracts/BkdLocker.sol#L173

Tools Used manual review

Recommended Mitigation Steps fix the typo to increase readibility. fix it from 

 * @dev This does not invlude the gov. tokens queued for withdrawal.

to

 * @dev This does not includes the gov. tokens queued for withdrawal.
GalloDaSballo commented 2 years ago

the state can't be initialize by constructor.

Disagree as the variable is changed in a setter

https://github.com/code-423n4/2022-05-backd-findings/issues/2 Typo

Valid non-critical finding