Beedle - Oracle free perpetual lending

BeedleFi

DeFiFoundry

20,000 USDC

View results

Previous Next

Submission Details

Severity: low

Valid

Zero address check

alliums0517

Summary

Vulnerability Details

The constructors and the function given in the links do not have checks if the given address is a dead address or not.

Impact

Setting a dead address makes the contract unusable as there's no way to update the addresses again except for the feeReceiver address.

Tools Used

Manual Review

Recommendations

Add an address check before setting the new addresses.

constructor(address _weth, address _staking) {

require(_weth === address(0), "Zero address");

require(_staking === address(0), "Zero address");

WETH = _weth;

staking = _staking;

}

function setFeeReceiver(address _feeReceiver) external onlyOwner {

require(_feeReceiver=== address(0), "Zero address");

feeReceiver = _feeReceiver;

}

constructor(address _token, address _weth) Ownable(msg.sender) {

require(_weth === address(0), "Zero address");

require(_token=== address(0), "Zero address");

TKN = IERC20(_token);

WETH = IERC20(_weth);

}

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

706

28 USDC / LOC

High Medium

18,000 USDC

Low

2,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.