WrappedAvail :: constructor can cause bridge to an address that does not belong to the correct bridge address
Summary
constructor must use msg.sender
Vulnerability Detail
WrappedAvail :: constructor can cause bridge to an address that does not belong to the correct bridge address
beacuse is set as a parameter not as msg.sender
Impact
bridge address is used for minting and burning if is incorrect you can't burn or mint
kgothatso
medium
WrappedAvail :: constructor
can causebridge
to an address that does not belong to the correctbridge
addressSummary
constructor must use
msg.sender
Vulnerability Detail
WrappedAvail :: constructor
can causebridge
to an address that does not belong to the correctbridge
address beacuse is set as a parameter not asmsg.sender
Impact
bridge
address is used for minting and burning if is incorrect you can't burn or mintCode Snippet
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/WrappedAvail.sol#L18
Tool used
Manual Review
Recommendation
set
bridge
address withmsg.sender