search

sherlock-audit / 2024-06-magicsea-judging

8 stars 5 forks source link

Mammoth Amethyst Perch - `setTrustee` lacks a validation check to ensure that the `trustee` address provided is not a zero address #705

Closed sherlock-admin2 closed 4 months ago

sherlock-admin2 commented 4 months ago

Mammoth Amethyst Perch

Low/Info

setTrustee lacks a validation check to ensure that the trustee address provided is not a zero address

Summary

setTrustee lacks a validation check to ensure that the trustee address provided is not a zero address

Vulnerability Detail

setTrustee lacks a validation check to ensure that the trustee address provided is not a zero address

Impact

Setting _trustee to a zero address can potentially cause functional issues within other parts of the contract if _trustee is expected to be a valid, operational wallet or contract address. Functions relying on _trustee being non-zero may fail or behave unexpectedly, leading to disruptions in the operation of the smart contract or even security vulnerabilities depending on the contract's design.

Code Snippet

https://github.com/sherlock-audit/2024-06-magicsea/blob/main/magicsea-staking/src/MasterchefV2.sol#L419-L423

Tool used

Manual Review

Recommendation

ensure that the trustee argument is not the zero address.

function setTrustee(address trustee) external onlyOwner {
    require(trustee != address(0), "Trustee address cannot be zero");

    _trustkeeper = trustee;
    emit TrusteeSet(trustee);
}