When we create a diversifier, we only returning the diversifier address. The diversifier address is only used for depositing (tokens and ETH) and sending token to the split address. If we want to distributing & withdrawing funds. We need to put the accounts who will receive the token as a parameter. However, if we create a swapper contract. The address is never returned or emit.
bretzel
medium
Difficulty to get swapper address if created
Summary
When we create a diversifier, we only returning the diversifier address. The diversifier address is only used for depositing (tokens and ETH) and sending token to the split address. If we want to distributing & withdrawing funds. We need to put the accounts who will receive the token as a parameter. However, if we create a swapper contract. The address is never returned or emit.
Vulnerability Detail
DiversifierFactory.sol#L66-L91
Only the diversifier address is returned and emitted. We have no information if a swapper was created inside _parseRecipientParams or not.
Impact
Difficulty to get swapper address that are needed for distributing tokens inside SplitMain.
Code Snippet
File: DiversifierFactory.sol#L66-L133
Tool used
Manual Review
Recommendation
Return the address of all swapper or emit them.