Missing address(0) checks
Summary
This report addresses the issue of missing checks for the null address (address(0)) in the smart contract code. It is crucial to ensure that state variables of type address are properly validated to prevent potential vulnerabilities in the contract.
Vulnerability Details
State variables that are of type address should always be checked to ensure that they are not being assigned the null address (address(0)). Failure to perform such checks can lead to unexpected behavior and potential security vulnerabilities in the smart contract.
Impact
The impact of missing checks for the null address includes:
Unexpected Behavior: Assigning the null address to a critical state variable can lead to unexpected behavior, potentially causing the contract to behave in unintended ways.
Security Vulnerabilities: Failing to validate addresses can introduce security vulnerabilities such as reentrancy attacks, where an attacker exploits unexpected behavior to manipulate the contract's state or drain its funds.
Tools Used
Manual code review
Recommendations
Address Validation: Ensure that all state variables of type address are properly validated to prevent assignment of the null address.
Lead Judging Commences
Info/Gas/Invalid as per Docs
https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.