Submission Details
Severity:
feeReceiver can be zero through Lender::setFeeReceiver()
Summary
Zero address check is missing in Lender::setFeeReceiver()
Vulnerability Details
feeReceiver can be a zero address because zero address check is missing in the set function.
function setFeeReceiver(address _feeReceiver) external onlyOwner {
feeReceiver = _feeReceiver;
}
Impact
Once the fee receiver is set as zero, then tt will result in losing fees.
Tools Used
Manual Review
Recommendations
I'd recommend adding zero address check.
function setFeeReceiver(address _feeReceiver) external onlyOwner {
if (_feeReceiver == address(0)) revert ZeroAddress(); // --> @audit Add here.
feeReceiver = _feeReceiver;
}
Prize pool breakdown
Total prize
20,000 USDC
nSLOC
70628 USDC / LOC
18,000 USDC
2,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.