sablier-labs / v2-core

⏳ Core smart contracts of the Sablier V2 token distribution protocol
https://sablier.com

implementing suggestions from Egis audit review #960

Closed smol-ninja closed 4 days ago

smol-ninja commented 6 days ago

Changelog

  1. Index admin in AllowToHook event.

Egis: This way, if the admin is changed, it would be easy to query all addresses that were whitelisted by a given admin address, etc.

  2. Include dash in alphanumeric check

Egis: Consider adding - (2D) as a supported char for the token symbol, because it is not a threat for JSON injection and there are tokens, such as LP, which may use this char. An example token with a market cap of $271M

@andreivladbrg and @PaulRBerg tagging you for feedback on the above changes.
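An added sketch of the character allowlist discussed in item 2, not code from the v2-core repository: it shows why admitting `-` (0x2D) is safe while the bytes that matter for JSON injection stay rejected. The library name, `symbolForMetadata`, `attribute`, the `"ERC20"` placeholder and the JSON keys are assumptions made for illustration; only the name `isAllowedCharacter` comes from this thread.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.19;

/// @notice Added illustration, not code from the v2-core repository.
library SymbolAllowlist {
    /// @dev Returns true only if every byte is 0-9, A-Z, a-z or "-" (0x2D).
    /// Bytes that can close or escape a JSON string, such as the double quote (0x22)
    /// and the backslash (0x5C), are outside the allowlist and cause a rejection.
    /// Multi-byte UTF-8 sequences are rejected too, since each of their bytes is >= 0x80.
    function isAllowedCharacter(string memory str) internal pure returns (bool) {
        bytes memory b = bytes(str);
        uint256 length = b.length;
        for (uint256 i = 0; i < length; ++i) {
            bytes1 char = b[i];
            bool isDash = char == 0x2D;
            bool isDigit = char >= 0x30 && char <= 0x39;
            bool isUpper = char >= 0x41 && char <= 0x5A;
            bool isLower = char >= 0x61 && char <= 0x7A;
            if (!(isDash || isDigit || isUpper || isLower)) {
                return false;
            }
        }
        return true;
    }

    /// @dev Hypothetical caller: a symbol that fails the check is replaced by a fixed
    /// placeholder (assumed value) instead of being written into the metadata.
    function symbolForMetadata(string memory symbol) internal pure returns (string memory) {
        if (!isAllowedCharacter(symbol)) {
            return "ERC20";
        }
        return symbol;
    }

    /// @dev Hypothetical JSON fragment built by plain concatenation, which is why the
    /// symbol has to be checked first: the token contract controls the symbol, and
    /// nothing here escapes it.
    ///   "UNI-V2"       -> {"trait_type":"Asset","value":"UNI-V2"}
    ///   A","x":"y      -> {"trait_type":"Asset","value":"ERC20"}  (quote rejected)
    function attribute(string memory symbol) internal pure returns (string memory) {
        return string.concat('{"trait_type":"Asset","value":"', symbolForMetadata(symbol), '"}');
    }
}
```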

smol-ninja commented 5 days ago

Will rename it. I agree with your point but couldn't think of a good name. Will go with `isAllowedCharacter`.

PaulRBerg commented 5 days ago

Let's wait for @andreivladbrg's review.