hats-finance / Tapioca-0xe0b920d38a0900af3bab7ff0ca0af554129f54ad


Missing zero check in `setTapToken` function #11

Open hats-bug-reporter[bot] opened 1 month ago

hats-bug-reporter[bot] commented 1 month ago

Github username: @Jelev123
Twitter username: zhulien_zhelev
Submission hash (on-chain): 0x9a47db8d083967ecd56a9dd34740adc19bbd6851f0e3a032ffac6648d6f1ecb2
Severity: medium

Description: The function setTapToken is responsible for setting the TAP token address used by the contract. The function allows only the contract owner to set this address, ensuring control over the token configuration. However, the original implementation does not validate the input address, which could lead to setting an invalid (zero) address, potentially breaking the contract's functionality.

Attack Scenario

Attachments

  1. Proof of Concept (PoC) File

setTapToken

/// @notice Sets the TAP token address
/// @param _tapToken The TAP token address
function setTapToken(address _tapToken) external onlyOwner {
    tapToken = IERC20(_tapToken);
}

It has to be:

/// @notice Sets the TAP token address
/// @param _tapToken The TAP token address
function setTapToken(address _tapToken) external onlyOwner {
    require(_tapToken != address(0), "Invalid token address");
    tapToken = IERC20(_tapToken);
}
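
The following is an added example, not code from the Tapioca repository or from the reporter: a minimal Solidity contract carrying the setter as reported next to the setter with the suggested check, plus a Foundry test that exercises both with address(0). The contract names (`TapHolderUnchecked`, `TapHolderChecked`), the `Ownable` shim, the `payOut` function and the forge-std harness are assumptions made so the example compiles and runs stand-alone with `forge test`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not Tapioca code. Contract names, the Ownable shim,
// payOut and the Foundry harness below are assumptions for illustration.

import "forge-std/Test.sol";

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Minimal owner gate so the example compiles without OpenZeppelin.
abstract contract Ownable {
    address public immutable owner;

    constructor() {
        owner = msg.sender;
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }
}

// Setter as reported: the input address is stored without validation.
contract TapHolderUnchecked is Ownable {
    IERC20 public tapToken;

    function setTapToken(address _tapToken) external onlyOwner {
        tapToken = IERC20(_tapToken);
    }

    // Any code path that routes through tapToken depends on it pointing
    // at a contract; this stands in for such a path.
    function payOut(address to, uint256 amount) external onlyOwner {
        require(tapToken.transfer(to, amount), "transfer failed");
    }
}

// Setter with the suggested fix: the zero address is rejected up front.
contract TapHolderChecked is Ownable {
    IERC20 public tapToken;

    function setTapToken(address _tapToken) external onlyOwner {
        require(_tapToken != address(0), "Invalid token address");
        tapToken = IERC20(_tapToken);
    }
}

contract SetTapTokenTest is Test {
    // The test contract deploys the holders, so it is their owner.
    function test_uncheckedSetterAcceptsZero() public {
        TapHolderUnchecked holder = new TapHolderUnchecked();
        holder.setTapToken(address(0));

        // address(0) is written to storage like any other value.
        assertEq(address(holder.tapToken()), address(0));

        // A later call through tapToken targets an address with no code;
        // decoding the empty return data of transfer() reverts.
        vm.expectRevert();
        holder.payOut(address(this), 1);
    }

    function test_checkedSetterRejectsZero() public {
        TapHolderChecked holder = new TapHolderChecked();

        vm.expectRevert(bytes("Invalid token address"));
        holder.setTapToken(address(0));

        // A non-zero address is still accepted and stored.
        address token = makeAddr("tap"); // constructed placeholder address
        holder.setTapToken(token);
        assertEq(address(holder.tapToken()), token);
    }
}
```

Run with `forge test --match-contract SetTapTokenTest`. The first test only shows what the unchecked setter does with address(0) and that a function depending on `tapToken` then reverts; whether that matters for the real contract depends on which of its code paths read `tapToken`, which this issue does not enumerate.
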
0xRektora commented 4 weeks ago

which could lead to setting an invalid (zero) address, potentially breaking the contract's functionality.

Setting a zero address would only keep state unchanged.