15,000 USDC
View results
Submission Details
Severity: low

No tokenCollateralAddress check

Summary

No tokenCollateralAddress check

Vulnerability Details

There is a isAllowedToken modifier used 'depositCollateral()' but not used in redeemCollateralForDsc(), redeemCollateral() and _redeemCollateral().

Impact

If a user calls these functions with a wrong token address it will fail.

Tools Used

Manual review

Recommendations

Add the isAllowedToken modifier to the functions with tokenCollateralAddress user input.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.