Foundry DeFi Stablecoin CodeHawks Audit Contest
Cyfrin
DeFiFoundry
15,000 USDC
View results
Previous Next
Submission Details
Severity: low
Valid

Missing `address(0)` check

MTN

Summary

There is not check to prevent initializing i_dsc with the null address

Vulnerability Details

The i_dsc variable is set as immutable. Therefore, it is important to verify that we are not initializing it with the null address .

https://github.com/Cyfrin/2023-07-foundry-defi-stablecoin/blob/d1c5501aa79320ca0aeaa73f47f0dbc88c7b77e2/src/DSCEngine.sol#L82

82: DecentralizedStableCoin private immutable i_dsc;

https://github.com/Cyfrin/2023-07-foundry-defi-stablecoin/blob/d1c5501aa79320ca0aeaa73f47f0dbc88c7b77e2/src/DSCEngine.sol#L112C4-L123C6

112: constructor(address[] memory tokenAddresses, address[] memory priceFeedAddresses, address dscAddress) {
...
122: i_dsc = DecentralizedStableCoin(dscAddress);
}

Impact

Any interactions with i_dsc would result in runtime exceptions or revert transactions.

Tools Used

Virtual Studio Code

Foundry

Recommendations

Consider adding an address(0) check for immutable variables.

112: constructor(address[] memory tokenAddresses, address[] memory priceFeedAddresses, address dscAddress) {
...
+122: require(dscAddress != address(0), "DSC address could not be 0.)");
123: i_dsc = DecentralizedStableCoin(dscAddress);
}

To save gas, this check could also be done in assembly:

112: constructor(address[] memory tokenAddresses, address[] memory priceFeedAddresses, address dscAddress) {
...
+122: assembly {
+123: if iszero(dscAddress) {
+124: mstore(0x00, "DSC address could not be 0.")
+125: revert(0x00, 0x20)
+126: }
127: i_dsc = DecentralizedStableCoin(dscAddress);
}

This should save **6 gas** per call

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.