Hinderance in monitoring changes to the bridge address, the setRESDLTokenBridge does not emit an event to signal that the reSDLTokenBridge address has been updated
Summary
The setRESDLTokenBridge function in the SDLPoolCCIPController contract lacks proper event emission, making it challenging to track changes to the reSDLTokenBridge address. This oversight may impact transparency and hinder external systems from effectively monitoring modifications to the bridge address.
Vulnerability Details
The setRESDLTokenBridge function:
This function updates the reSDLTokenBridge variable without emitting an event to signal the change.
Impact
The absence of event emission in the setRESDLTokenBridge function:
Hinders transparency: Without emitted events, external systems and users cannot efficiently track changes to the
reSDLTokenBridgeaddress.Limits monitoring capabilities: The lack of events may impede the ability to set up automated processes or tools that rely on event-driven mechanisms to monitor contract state changes.
Tools Used
Manual Code Review
Recommendations
To address this vulnerability and enhance transparency, it is recommended to implement event emission in the setRESDLTokenBridge function. By emitting an event, the contract can provide a clear and publicly accessible record of changes to the reSDLTokenBridge address.
With this modification, external systems can efficiently monitor changes by listening for the emitted RESDLTokenBridgeUpdated events. This enhances transparency and facilitates the tracking of critical updates to the contract state.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.