ink! contracts constructor does not prevent addresses from being set to zero address

[hats-bug-reporter[bot]]

Github username: @0xRizwan Twitter username: 0xRizwann Submission hash (on-chain): 0x2cff0985cd9c1f0de29532505d8895920b51d4bac80d9bc5bafd70a9cfed6992 Severity: low

Description: Description\ nomination_agent contract has implemented the constructor as below:

        pub fn new(vault_: AccountId, admin_: AccountId, pool_id_: u32) -> Self {
            NominationAgent {
                vault: vault_,
                admin: admin_,
                pool_id: pool_id_,
                staked: 0,
            }
        }

constructor does not check the vault and admin address as zero address and it does not prevent it from setting zero address. It should be noted that, if the vault and admin address is zero address then whole nomination_agent functionality is broken and at most a redployment with correct vault and admin address would be required. As they said, prevention is better than cure so validate the input in constructor to avoid such issues.

Recommendation to fix\ Explicitely check vault and admin address is not zero address.

[0xmahdirostami]

Thank you for your submission. "zero address" on EVM is a thing, it's not on Substrate, so they're handled differently https://substrate.stackexchange.com/questions/5929/checknonzerosender/5930#5930