OsToken::setCapacity() - L163: Unless it was intended to be able to set `capacity` to 0, e.g. for emergency or other scenarios, then there should be a check to avoid zero value assignment. #136
OsToken::setCapacity() - L163: Unless it was intended to be able to set capacity to 0, e.g. for emergency or other scenarios, then there should be a check to avoid zero value assignment.
Github username: @dappconsulting Submission hash (on-chain): 0xa01ed2f9efb22c5cc229db911375bdc18accea086d8d98d90112fc41aef12566 Severity: low
Description: Description\
OsToken::setCapacity() - L163: Unless it was intended to be able to set
capacity
to 0, e.g. for emergency or other scenarios, then there should be a check to avoid zero value assignment.https://github.com/stakewise/v3-core/blob/9c30c45878397aa97918cbafcc6a62e4be4bbd4d/contracts/osToken/OsToken.sol#L163
Recommendation:
Add above this line the below check:
Check:
Attack Scenario\
No exploit, but wont be able to mint OsToken if capacity == 0.
Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)