Submission Details
Severity:
Lack of event emission for critical state changes
Summary
Lack of event emission for critical state changes.
Vulnerability Details
function setOwner(address _newOwner) external onlyOwner {
if (_newOwner == address(0)) revert InvalidZeroAddress();
owner = _newOwner;
}
function setRewardAdmin(address _rewardAdmin) external onlyOwner {
if (_rewardAdmin == address(0)) revert InvalidZeroAddress();
rewardAdmin = _rewardAdmin;
}
function addAuthorizedSablierSender(address _address) external onlyOwner {
authorizedSablierSenders[_address] = true;
}
In the provided functions setOwner, setRewardAdmin, and addAuthorizedSablierSender, there are no events emitted when critical state changes occur. This omission significantly reduces the contract's transparency and makes it difficult for external systems or users to track important changes in the contract's state.
Impact
Without events, it becomes challenging to track changes in ownership, reward administration, and authorized senders off-chain.
Tools Used
Manual review
Recommendations
Implement event emissions for each of these critical state changes.
Prize pool breakdown
Total prize
20,000 USDC
nSLOC
66230 USDC / LOC
16,000 USDC
2,500 USDC
1,500 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.