sherlock-audit / 2024-06-boost-aa-wallet-judging


Stable Teal Wolf - [L-1] Redundant Code Removal and Magic Number Replacement in `ERC20VariableIncentive` contract #476

Closed sherlock-admin2 closed 1 month ago

sherlock-admin2 commented 1 month ago

Stable Teal Wolf

Low/Info

[L-1] Redundant Code Removal and Magic Number Replacement in ERC20VariableIncentive contract.

Description:

  1. Redundant _initializeOwner Call Removal: The contract previously contained a redundant call to the _initializeOwner function within the initialize function. This redundant call did not serve any additional purpose and was removed to clean up the code.

  2. Replacement of Magic Number 1e18 with Named Constant DECIMALS: The magic number 1e18 used for scaling has been replaced with a named constant DECIMALS to enhance code readability and maintainability.

Impact:

  1. The removal of the redundant call has no functional impact on the contract. It simply improves code readability and reduces unnecessary operations.

  2. Replacing the magic number with a named constant improves the clarity of the code, making it easier to understand and maintain. This change does not alter the contract’s behavior.

Proof of Concept (PoC):

PoC

```solidity
// Redundant `_initializeOwner` Call Removal
// Before
function initialize(bytes calldata data_) public override initializer {
    _initializeOwner(msg.sender);
    // other initialization code
    _initializeOwner(msg.sender); // Redundant call
}

// After
function initialize(bytes calldata data_) public override initializer {
    _initializeOwner(msg.sender);
    // other initialization code
}

// Replacement of Magic Number 1e18
// Before
uint256 claimAmount = reward * signedAmount / 1e18;

// After
uint256 constant DECIMALS = 1e18;
uint256 claimAmount = reward * signedAmount / DECIMALS;
```

Recommended Mitigation:

  1. Ensure that all redundant or unnecessary code is removed during development to maintain a clean and efficient codebase.

  2. Use named constants for all magic numbers in the code. This practice enhances readability and makes it easier to adjust values if needed.

sherlock-admin2 commented 1 month ago

The protocol team fixed this issue in the following PRs/commits: https://github.com/boostxyz/boost-protocol/pull/200