search

hats-finance / Most--Aleph-Zero-Bridge-0xab7c1d45ae21e7133574746b2985c58e0ae2e61d

Aleph Zero bridge to Ethereum
Apache License 2.0
0 stars 1 forks source link

Inadequate Address Check in `eth::most::_setCommittee` #12

Open hats-bug-reporter[bot] opened 5 months ago

hats-bug-reporter[bot] commented 5 months ago

Github username: @0xmahdirostami Twitter username: 0xmahdirostami Submission hash (on-chain): 0xdc5e623268598a3fb522fb35cea865c7d6a02b6a5e290ba94e9816ddec551676 Severity: low

Description: Description
The _setCommittee function lacks a check against address 0 for each address in _committee. If any of these addresses are set to 0, it may lead to a temporary lock of funds for the specific committeeId as the threshold may not be reached.

Impact
Temporary freezing of funds.

Revised Code File (Optional)
Implement a check for each address in _committee against address 0.

krzysztofziobro commented 5 months ago

This requires owner error: out of scope