Beedle - Oracle free perpetual lending

BeedleFi

DeFiFoundry

20,000 USDC

View results

Previous Next

Submission Details

Severity: low

Valid

Missing checks for `address(0)` in the constructor of `Fees.sol` contract

0xNiloy

Summary

The smart contract's constructor lacks checks for address(0), which could lead to potential security vulnerabilities.

Vulnerability Details

The constructor of the smart contract does not include proper checks to prevent the use of address(0) (the zero address). This omission may enable certain operations or actions that could be exploited by attackers, potentially leading to unexpected behavior or loss of funds.

Code Snippet

File: Fees.sol

19: constructor(address _weth, address _staking) {

20: WETH = _weth;

21: staking = _staking;

22: }

Impact

The absence of checks for address(0) in the constructor opens up possibilities for malicious actors to interact with the contract in unintended ways. It might enable unauthorized operations or cause disruptions, making the contract susceptible to various attack vectors.

Tools Used

Manual Review

Recommendations

Ensure that the constructor includes proper checks to disallow the use of the zero address.

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

706

28 USDC / LOC

High Medium

18,000 USDC

Low

2,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.