Closed sherlock-admin2 closed 8 months ago
1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid because { invalid because according sherlock rules view funcions are by default low and thus amking this invalid}
Invalid, this function will never revert as long as appropriate reward staking contracts are deployed via the factory, so there is no need for an explicit check
bareli
medium
index should be less than stakingRewardsContracts length.
Summary
we are not checking where index is less than stakingRewardsContracts.length.
Vulnerability Detail
function getStakingRewardsContract( uint index ) external view returns (StakingRewards) { return stakingRewardsContracts[index]; }
Impact
we should be doing index should be less than stakingRewardsContracts.length..
Code Snippet
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/telx/core/StakingRewardsFactory.sol#L73
Tool used
Manual Review
Recommendation
use a require statement for checking whether index is less than the stakingRewardsContracts.length..