Closed code423n4 closed 2 years ago
We want to loop through the array to whitelist some vault/strategy at the deployment As long as this process is in the constructor, those vaults / strategy will be reachable after the deployment
FlatOperator
is not supposed to be called outside of a delegateCall context
For OwnerProxy
we can set the value to zero to not send ether.
And if we made a mistake, we can create a script to send the ether back.
Duplicated of #61 at 2. Missing address(0) checks
Tool Used: Slither
**Occurrences in:
Unnecessary import IFlatOperator does not need to import ERC20 since the transfer() function is custom defined and does not conform to ERC20's transfer.
Costly External calls inside a loop **Occurrences in:
https://github.com/code-423n4/2022-06-nested/blob/main/contracts/operators/Beefy/BeefyVaultOperator.sol#L19 https://github.com/code-423n4/2022-06-nested/blob/main/contracts/operators/Beefy/lp/BeefyZapBiswapLPVaultOperator.sol#L28 *https://github.com/code-423n4/2022-06-nested/blob/main/contracts/operators/Beefy/lp/BeefyZapUniswapLPVaultOperator.sol#L28