sherlock-audit / 2024-03-zap-protocol-judging


gkrastenovaudit - Wrongly hard-coded address #182

Closed sherlock-admin2 closed 7 months ago

sherlock-admin2 commented 7 months ago

gkrastenovaudit

high

Wrongly hard-coded address

Summary

Wrongly hard-coded address.

Vulnerability Detail

The address of the USDB token is wrongly hard-coded. The following address, 0xA9F81589Cc48Ff000166Bf03B3804A0d8Cec8114, is the address of USDB on the Sepolia Testnet network. link

The protocol will not work as expected because this address does not exist on the Mainnet, where the smart contract will be deployed.

https://blastexplorer.io/address/0xA9F81589Cc48Ff000166Bf03B3804A0d8Cec8114

Impact

The main functionalities of the protocol will not work.

Code Snippet

https://github.com/sherlock-audit/2024-03-zap-protocol/blob/main/zap-contracts-labs/contracts/TokenSale.sol#L88

 usdc = IERC20D(0xA9F81589Cc48Ff000166Bf03B3804A0d8Cec8114); //TODO change for mainnet

Tool used

Manual Review

Recommendation

Change the hard-coded address.
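A pre-deployment check for the pattern this report describes, as an added example that is not part of the original issue or the project's code: it scans Solidity source for 20-byte address literals and flags any that are missing from an approved list for the target network or that share a line with a TODO/testnet marker. The function name, the approved list and the sample contract are assumptions constructed for illustration; only the flagged address and its comment come from the report.

```python
import re

# A 20-byte address literal: exactly 40 hex digits after 0x. The trailing \b
# keeps longer literals such as bytes32 constants from matching.
ADDRESS_RE = re.compile(r"\b0x[0-9a-fA-F]{40}\b")
# Comment markers suggesting the value was never meant to ship as-is.
MARKER_RE = re.compile(r"//.*\b(TODO|FIXME|testnet|sepolia)\b", re.IGNORECASE)


def scan_source(source, approved):
    """Return (line_no, address, reasons) for every suspicious address literal."""
    approved_lc = {a.lower() for a in approved}
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for match in ADDRESS_RE.finditer(line):
            addr = match.group(0)
            reasons = []
            if addr.lower() not in approved_lc:
                reasons.append("not in approved list for target network")
            if MARKER_RE.search(line):
                reasons.append("line carries a TODO/testnet marker")
            if reasons:
                findings.append((line_no, addr, reasons))
    return findings


# Constructed placeholder, not a real token address: the addresses reviewed
# and approved for the target network would be listed here.
APPROVED_MAINNET = {"0x" + "11" * 20}

# Constructed sample contract; only the usdc line is taken from the report.
SAMPLE_SOL = "\n".join([
    "contract TokenSaleExample {",
    "    bytes32 constant SALT = 0x" + "ab" * 32 + ";",
    "    function initialize() external {",
    "        usdc = IERC20D(0xA9F81589Cc48Ff000166Bf03B3804A0d8Cec8114); //TODO change for mainnet",
    "        treasury = 0x" + "11" * 20 + ";",
    "    }",
    "}",
])

if __name__ == "__main__":
    for line_no, addr, reasons in scan_source(SAMPLE_SOL, APPROVED_MAINNET):
        print(f"line {line_no}: {addr}: {'; '.join(reasons)}")
    # A CI job would fail the build whenever the findings list is non-empty.
```
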