The computeAccountAddress
function accepts several parameters, such as address
, uint256
, address[] calldata
, and uint8
. However, these parameters are not explicitly referenced within the function body. Instead, the entire calldata is used to compute the salt, which can lead to confusion as it is not clear how each individual parameter influences the salt and subsequently the address computation. This might also lead to potential errors if parameters are expected to affect the address computation but are ignored.
Confusion for Developers: Developers might assume that individual parameters are used directly in the computation, leading to misunderstandings and incorrect implementations.
Potential Errors: If the function's logic changes or if developers expect the parameters to influence the computation, this discrepancy can result in incorrect address computations, which could affect contract deployments and other dependent logic.
Manual Review
Refactor the function to explicitly use and document each parameter in the computation process.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.