input array length must check be the same in proposeTransaction or batchTelcoin
Summary
The proposeTransaction and batchTelcoin function accepts two array parameters,but don't validate that their lengths are identical.
Vulnerability Detail
The proposeTransaction function accepts two array parameters and isn't required to validate that their lengths are identical. If the CouncilMember input is misleading, it may loss token because the safeTransfer transfer error during the batchTelcoin process "
iberry
high
input array length must check be the same in proposeTransaction or batchTelcoin
Summary
The proposeTransaction and batchTelcoin function accepts two array parameters,but don't validate that their lengths are identical.
Vulnerability Detail
The proposeTransaction function accepts two array parameters and isn't required to validate that their lengths are identical. If the CouncilMember input is misleading, it may loss token because the safeTransfer transfer error during the batchTelcoin process "
Impact
medium, may be cause token loss
Code Snippet
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/protocol/core/TelcoinDistributor.sol#L87-L102 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/protocol/core/TelcoinDistributor.sol#L185-L196
Tool used
Manual Review
Recommendation
require(destinations.length == amounts.length) at proposeTransaction or batchTelcoin
Duplicate of #2