Submission Details
Severity:
Apply Checks for zero address
Summary - Check for zero address should be applied after calling .getAddress().
Vulnerability Details- In functions _getRethContract(), getBaseCollateral() and depositEth() after calling function getAddress() address returned by this function is not checked for zero address.
Impact - In functions like depositEth() address returned by getaddress() is stored in variable rocketDepositPool and then value is deposited in this address which could result in value deposited in zero address.
Tools Used - Manually
Recommendations - apply require() to check for zero address on the return value of getaddress().
Prize pool breakdown
Total prize
55,000 USDC
nSLOC
3,36516 USDC / LOC
50,000 USDC
5,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.