Closed sherlock-admin2 closed 5 months ago
1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid because { This is invalid; had anything not being imported correctly the contract wouldn't have bheave the way its supposed to to; so ivalid}
Invalid, informational finding with no security risk to current contract logic
6160.web3
medium
Not imported a specific member from the module
Summary
Specific members of the modules should be imported
Vulnerability Detail
It is a better practice and more secure to import the specific member from a contract.
Impact
Code Snippet
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/protocol/core/TelcoinDistributor.sol#L5-L8 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/sablier/core/CouncilMember.sol#L4-L9 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/sablier/test/TestStream.sol#L4-L5 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/telx/abstract/RewardsDistributionRecipient.sol#L4 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/telx/core/StakingRewards.sol#L4-L8 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/telx/core/StakingRewardsFactory.sol#L4-L7 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/telx/core/StakingRewardsManager.sol#L4-L7 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/test/core/TestNFT.sol#L4 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/test/core/TestTelcoin.sol#L4 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/test/core/TestToken.sol#L4 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/zodiac/core/BaseGuard.sol#L4-L6 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/zodiac/core/SafeGuard.sol#L4-L5 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/zodiac/interfaces/IGuard.sol#L4 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/zodiac/interfaces/IReality.sol#L4 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/zodiac/interfaces/IRealityETH.sol#L4 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/zodiac/test/MockSafeGuard.sol#L4-L5 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/zodiac/test/TestReality.sol#L4-L5 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/zodiac/test/TestSafeWallet.sol#L4
Tool used
Manual Review
Recommendation
Replace every
import ".../XXXX.sol";
withimport {XXXX} from ".../XXXX.sol";
defining the specific member from the module.For example, here is how the new 'import' lines should look line in the "TelcoinDistributor.sol" file: