TempleGold
TempleDAO
Foundry
25,000 USDC
View results
Previous Next
Submission Details
Severity: high
Invalid

Zero Address Checks Missing in Constructor for Critical Addresses

nexarion

Summary

The TempleGold contract's constructor lacks zero address checks for critical contract addresses, including staking, escrow, and teamGnosis. This oversight could lead to the deployment of a contract with non-functional core components, potentially resulting in irrecoverable losses and broken functionality.

Vulnerability Details

In the constructor of the TempleGold contract, several critical addresses are set without verifying that they are not the zero address:

https://github.com/Cyfrin/2024-07-templegold/blob/57a3e597e9199f9e9e0c26aab2123332eb19cc28/protocol/contracts/templegold/TempleGold.sol#L66-L73

https://github.com/Cyfrin/2024-07-templegold/blob/57a3e597e9199f9e9e0c26aab2123332eb19cc28/protocol/contracts/templegold/TempleGold.sol#L226-L245

constructor(
InitArgs memory _initArgs
) OFT(_initArgs.name, _initArgs.symbol, _initArgs.layerZeroEndpoint, _initArgs.executor) Ownable(_initArgs.executor){
staking = ITempleGoldStaking(_initArgs.staking);
escrow = IDaiGoldAuction(_initArgs.escrow);
teamGnosis = _initArgs.gnosis;
_mintChainId = _initArgs.mintChainId;
}

The absence of zero address checks for _initArgs.staking, _initArgs.escrow, and _initArgs.gnosis means that it's possible to deploy the contract with these critical components set to the zero address (0x0000000000000000000000000000000000000000).

Impact

The impact of this vulnerability includes:

  1. Immutable Broken State: Once deployed with zero addresses, the contract's core functionalities would be permanently broken, as these addresses cannot be changed post-deployment.

  2. Distribution Mechanism Failure: The _distribute function, which relies on staking.notifyDistribution() and escrow.notifyDistribution(), would fail if these addresses are set to zero.

  3. Irrecoverable Fund Loss: Any funds meant to be sent to teamGnosis would be permanently lost if it's set to the zero address.

  4. Trust and Economic Damage: Such a deployment error could lead to significant economic losses and severely damage the project's reputation and user trust.

Tools Used

Manual review

Recommendations

To mitigate this vulnerability, implement zero address checks in the constructor:

constructor(InitArgs memory _initArgs) OFT(_initArgs.name, _initArgs.symbol, _initArgs.layerZeroEndpoint, _initArgs.executor) Ownable(_initArgs.executor) {
if (_initArgs.staking == address(0)) revert CommonEventsAndErrors.InvalidAddress();
if (_initArgs.escrow == address(0)) revert CommonEventsAndErrors.InvalidAddress();
if (_initArgs.gnosis == address(0)) revert CommonEventsAndErrors.InvalidAddress();
staking = ITempleGoldStaking(_initArgs.staking);
escrow = IDaiGoldAuction(_initArgs.escrow);
teamGnosis = _initArgs.gnosis;
_mintChainId = _initArgs.mintChainId;
}
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.