Mammoth Laurel Nightingale - [L-06] No Parameter Validation in Constructor

[sherlock-admin2]

Mammoth Laurel Nightingale

Low/Info

[L-06] No Parameter Validation in Constructor

Summary

Vulnerability Detail

In Solidity, constructor functions for smart contracts can be created with parameters, which are typically used to initialize some aspect of the contract's state. If the values passed to parameters in a constructor are not validated, it is possible that the contract might be deployed in an incorrect or undesirable state.

Further reading: Solidity Documentation: Constructors

Impact

Code Snippet

• https://github.com/sherlock-audit/2024-08-cork-protocol/blob/main/Depeg-swap/contracts/core/assets/Asset.sol#L19
• https://github.com/sherlock-audit/2024-08-cork-protocol/blob/main/Depeg-swap/contracts/core/assets/Asset.sol#L73
• https://github.com/sherlock-audit/2024-08-cork-protocol/blob/main/Depeg-swap/contracts/core/ModuleState.sol#L50C1-55C1
• https://github.com/sherlock-audit/2024-08-cork-protocol/blob/main/Depeg-swap/contracts/core/ModuleCore.sol#L23C1-L28C9

Tool used

Manual Review

Recommendation -

add require condition to check for zero address and other checks too

[sherlock-admin2]

The protocol team fixed this issue in the following PRs/commits: https://github.com/Cork-Technology/Depeg-swap/pull/120