Beginner Friendly, Foundry, Bridge
Submission Details
Severity: low
Invalid

tokenDeploy can fail silently

Summary

The Yul low-level 'create' call in deployToken() can fail silently.
Furthermore, getTokenAddressFromSymbol will return the zero address for any arbitrary string due to the nature of Solidity mappings.

Vulnerability Details

The owner may be under the impression that their token was successfully deployed.

```solidity
function testdeployTokenSilentFail() public {
    vm.prank(owner);
    // Invalid creation code will fail
    address tokenAddress = tokenFactory.deployToken("PEPE", hex"12345678");
    // Check that the contract was not deployed
    assertEq(tokenAddress, address(0), "Token should not be deployed");
    assertEq(tokenFactory.getTokenAddressFromSymbol("PEPE"), address(0));
}
```

Impact

Low impact, no financial risk. However, in a complex system it is important to track deployed tokens accurately. It is important for the owner to know his token deployment has failed, and it is reasonable not to return a zero address in general for an arbitrary string, especially if other contracts interact with this code.

Tools Used

Manual Review
Foundry testing

Recommendations

If the intention is to save gas by not doing zero address checks, it should be documented well. And even then it is reasonable to say that the deployToken() function should never fail silently, even if it has little impact.
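One way to make the failure explicit, as an added sketch that is not the audited project's code: the contract name, the custom errors, the event and the `s_tokenToAddress` mapping are hypothetical, and only the two function names and the `(symbol, creation code)` arguments are taken from the test above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; all names except deployToken and
// getTokenAddressFromSymbol are hypothetical.
contract CheckedTokenFactory {
    error NotOwner();
    error DeploymentFailed(string symbol);
    error UnknownSymbol(string symbol);

    event TokenDeployed(string symbol, address addr);

    address public immutable owner;
    mapping(string => address) private s_tokenToAddress;

    constructor() {
        owner = msg.sender;
    }

    function deployToken(string memory symbol, bytes memory creationCode)
        external
        returns (address addr)
    {
        if (msg.sender != owner) revert NotOwner();

        assembly {
            // create pushes 0 when the init code reverts or is invalid;
            // it does not revert the calling frame.
            addr := create(0, add(creationCode, 0x20), mload(creationCode))
        }
        // Zero address: creation failed. Empty code: init code ran but
        // returned no runtime bytecode, so nothing usable was deployed.
        if (addr == address(0) || addr.code.length == 0) {
            revert DeploymentFailed(symbol);
        }

        s_tokenToAddress[symbol] = addr;
        emit TokenDeployed(symbol, addr);
    }

    function getTokenAddressFromSymbol(string memory symbol)
        external
        view
        returns (address addr)
    {
        // Unset mapping entries read as address(0); reject them explicitly.
        addr = s_tokenToAddress[symbol];
        if (addr == address(0)) revert UnknownSymbol(symbol);
    }
}
```

With this version, the call in the test above, `deployToken("PEPE", hex"12345678")`, reverts with `DeploymentFailed("PEPE")` instead of returning `address(0)`.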

Updates

Lead Judging Commences

0xnevi Lead Judge
over 1 year ago
0xnevi Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
