The switchUnderlyingToken
function requires the balance of underlying tokens to be zero before allowing the switch to a new underlying token. This requirement can be overly restrictive and may somewhat prevent necessary operational actions such as token migrations or upgrades. Additionally, the function does not emit any event upon the switch.
Low/Informational
The zero balance requirement could hinder timely updates or migrations of the underlying token in response to critical issues or upgrades, potentially affecting the system's adaptability and security. The absence of event emission reduces the transparency of the contract's operations, making it harder for users and external systems to track changes.
In summary, these are the 2 issues:
Zero Balance Requirement: The function enforces a zero balance of underlying tokens, which may not always be practical or desirable.
Lack of Event Emission: No event is emitted when the underlying token is switched, reducing transparency.
##Tools Used
Manual review
Reconsider allowing the switch of the underlying token with a non-zero balance by implementing a safe migration strategy for the existing underlying assets.
Also, add an event emission to the switchUnderlyingToken
function to log changes.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.