pendulum-chain / pendulum-solidity-wrapper

A collection of Solidity wrapper contracts emulating common ERC interfaces to grant access to runtime features on Pendulum.
GNU General Public License v3.0

Audit: Missing Zero Address Validation #22

Closed annatekl closed 1 year ago

annatekl commented 1 year ago

Additional checks against the 0x0 address should be included in the reported functions to avoid unexpected results.

Paths:

./price-oracle-wrapper/price-oracle-wrapper.sol : getOracleKeyAsset(), getOracleKeyBlockchain(), getOracleKeySymbol(), getAssetPrice();

./erc20-wrapper/erc20-wrapper.sol : balanceOf(), transfer(), allowance(), approve(), transferFrom();

Recommendation:

It is recommended to add zero address checks.

Found in:

db10871f6ec81d74e0afe9e1e49b8f2e143aadc5
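
One way the recommended checks could look on the five ERC-20 entry points listed in the finding. This is an added example, not code from the pendulum-solidity-wrapper repository or from the audit. The contract name, the `ZeroAddress` error and the `_runtime*` hooks are hypothetical placeholders for whatever the wrapper actually calls in the chain runtime, and the parameter names follow the usual ERC-20 convention.

```solidity
// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.4;

// Added illustration; not the pendulum-solidity-wrapper source.
// The _runtime* hooks are hypothetical placeholders for the wrapper's
// calls into the chain runtime.
abstract contract ZeroAddressCheckedERC20 {
    // Names the offending parameter so a failed call is easy to diagnose.
    error ZeroAddress(string parameter);

    function _requireNonZero(address account, string memory parameter) private pure {
        if (account == address(0)) revert ZeroAddress(parameter);
    }

    function balanceOf(address owner) public view returns (uint256) {
        _requireNonZero(owner, "owner");
        return _runtimeBalanceOf(owner);
    }

    function allowance(address owner, address spender) public view returns (uint256) {
        _requireNonZero(owner, "owner");
        _requireNonZero(spender, "spender");
        return _runtimeAllowance(owner, spender);
    }

    function transfer(address to, uint256 amount) public returns (bool) {
        _requireNonZero(to, "to");
        return _runtimeTransfer(msg.sender, to, amount);
    }

    function approve(address spender, uint256 amount) public returns (bool) {
        _requireNonZero(spender, "spender");
        return _runtimeApprove(msg.sender, spender, amount);
    }

    function transferFrom(address from, address to, uint256 amount) public returns (bool) {
        _requireNonZero(from, "from");
        _requireNonZero(to, "to");
        return _runtimeTransferFrom(msg.sender, from, to, amount);
    }

    // Hypothetical hooks: the real wrapper forwards to runtime features here.
    function _runtimeBalanceOf(address owner) internal view virtual returns (uint256);
    function _runtimeAllowance(address owner, address spender) internal view virtual returns (uint256);
    function _runtimeTransfer(address from, address to, uint256 amount) internal virtual returns (bool);
    function _runtimeApprove(address owner, address spender, uint256 amount) internal virtual returns (bool);
    function _runtimeTransferFrom(address spender, address from, address to, uint256 amount) internal virtual returns (bool);
}
```

Each check runs before the runtime call, so a zero address reverts without touching runtime state.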

vadaynujra commented 1 year ago

Hey team! Please add your planning poker estimate with Zenhub @ashneverdawn @ebma @TorstenStueber