Overriding AJNA token address in GrantFund.sol constructor
Summary
GrantFund.sol deployer will have to override the hardcoded AJNA address in Storage.sol.
Vulnerability Detail
GrantFund constructor updates ajnaTokenAddress in the Storage contract which is deployed earlier than GrantFund.
Impact
Assigning value to ajnaTokenAddress in Storage has no sense as it is being overridden in the GrantFund constructor.
Deployer HAS to provide a token address to the constructor again.
If passed wrong token address at deployment, the contract will not work.
devival
medium
Overriding AJNA token address in GrantFund.sol constructor
Summary
GrantFund.sol deployer will have to override the hardcoded AJNA address in Storage.sol.
Vulnerability Detail
GrantFund constructor updates ajnaTokenAddress in the Storage contract which is deployed earlier than GrantFund.
Impact
Assigning value to ajnaTokenAddress in Storage has no sense as it is being overridden in the GrantFund constructor. Deployer HAS to provide a token address to the constructor again. If passed wrong token address at deployment, the contract will not work.
Code Snippet
Storage.sol#L55
GrantFund.sol#L46
Tool used
Manual Review
Recommendation
Pick one: a) Remove hardcoding ajnaTokenAddress in Storage.sol b) Remove the constructor from GrantFund.sol