Submission Details
Severity: low
Valid

Overwriting the Mapping with the Symbol

Audit Findings

1. Overwriting Existing Mappings

deployToken stores the deployed contract address addr in the s_tokenToAddress mapping, using the symbol as the key. Nothing checks whether an entry already exists for that symbol, so a later deployment with the same symbol overwrites the existing mapping, which can cause conflicts or other unintended consequences.

Recommendations

Based on the findings above, we recommend the following changes to the code:

  1. Implement additional logic to prevent overwriting existing mappings in the s_tokenToAddress mapping. This can be achieved by checking if the mapping for a given symbol already exists before assigning the new contract address. If a mapping already exists, appropriate actions should be taken, such as rejecting the deployment or updating the existing mapping only under certain conditions.

    Here's a snippet illustrating the recommended change:

```solidity
function deployToken(string memory symbol, bytes memory contractBytecode) public onlyOwner returns (address addr) {
    assembly {
        addr := create(0, add(contractBytecode, 0x20), mload(contractBytecode))
    }
    // Check if the mapping for the given symbol already exists
    require(s_tokenToAddress[symbol] == address(0), "Symbol mapping already exists");
    s_tokenToAddress[symbol] = addr;
    emit TokenDeployed(symbol, addr);
}
```

In the above code snippet, we added a require statement to validate that the mapping for the given symbol does not exist before assigning the new contract address. If the mapping already exists, the deployment will be rejected.

  2. Consider using a data structure that allows multiple contract addresses to be associated with a single symbol, if that is a requirement. This could involve using an array or a mapping that stores a list of contract addresses for each symbol, allowing for multiple contracts to be associated with the same symbol.
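One way the second recommendation could look, as an added example that is not the project's own code: the registry appends each deployment to a per-symbol list instead of assigning over the previous entry. The contract name, the s_tokenToAddresses mapping, the owner handling, the custom errors, the event signature and the two getters are assumptions made for illustration; only deployToken's signature, the create call and the TokenDeployed emit come from the snippet above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; contract, storage, error and getter names are hypothetical.
contract MultiTokenRegistry {
    address private immutable i_owner;

    // symbol => every contract deployed under that symbol, oldest first
    mapping(string => address[]) private s_tokenToAddresses;

    event TokenDeployed(string symbol, address addr);

    error NotOwner();
    error DeploymentFailed();
    error UnknownSymbol();

    modifier onlyOwner() {
        if (msg.sender != i_owner) revert NotOwner();
        _;
    }

    constructor() {
        i_owner = msg.sender;
    }

    function deployToken(string memory symbol, bytes memory contractBytecode)
        public
        onlyOwner
        returns (address addr)
    {
        assembly {
            addr := create(0, add(contractBytecode, 0x20), mload(contractBytecode))
        }
        // create returns address(0) on failure; never record that as a token
        if (addr == address(0)) revert DeploymentFailed();
        // Append instead of assign, so earlier deployments stay discoverable
        s_tokenToAddresses[symbol].push(addr);
        emit TokenDeployed(symbol, addr);
    }

    // Full history for a symbol; empty array if nothing was deployed under it
    function getTokens(string memory symbol) external view returns (address[] memory) {
        return s_tokenToAddresses[symbol];
    }

    // Most recent deployment, for callers that need a single address
    function latestToken(string memory symbol) external view returns (address) {
        address[] storage tokens = s_tokenToAddresses[symbol];
        if (tokens.length == 0) revert UnknownSymbol();
        return tokens[tokens.length - 1];
    }
}
```

Code that resolves a symbol to a single address must then choose explicitly which entry it trusts, rather than inheriting whichever deployment happened last.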

Conclusion

In conclusion, the concern raised regarding overwriting the mapping with the symbol is valid. We recommend implementing additional logic to prevent overwriting existing mappings and considering alternative data structures if multiple contract addresses need to be associated with a single symbol.

Updates

Lead Judging Commences

0xnevi Lead Judge almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

deployToken: non-unique symbol for tokens
