Tadle
DeFi
30,000 USDC
Submission Details
Severity: low
Invalid

Duplicate token address processing in whitelist update

Summary

The updateTokenWhiteListed function processes an array of token addresses without checking for duplicates.

Vulnerability Details

The updateTokenWhiteListed function processes an array of token addresses without checking for duplicates. This could lead to the same token address being processed multiple times in a single transaction.

https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/TokenManager.sol#L197C3-L223C6

Steps to Reproduce:

  1. Call updateTokenWhiteListed with an array of token addresses that includes duplicates.

  2. Observe that each duplicate address is processed and emits an event each time it appears in the array.

Impact

Increased gas costs and unnecessary event emissions.

Tools Used

Manual review

Recommendations

Check for duplicates in the address array.
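
One way to apply this recommendation, shown as an added example that is not part of the submission or of Tadle's TokenManager: require the caller to pass addresses in strictly ascending order, which rules out duplicates in a single pass. The contract name, owner check, event, errors and the (address[], bool) signature are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical whitelist contract for illustration; not Tadle's code.
contract WhitelistSketch {
    address public immutable owner;
    mapping(address => bool) public tokenWhiteListed;

    // Assumed event shape: one emission per token whose status changes.
    event UpdateTokenWhiteListed(address indexed token, bool isWhiteListed);

    error NotOwner();
    error NotStrictlyAscending(uint256 index);

    constructor() {
        owner = msg.sender;
    }

    /// Callers sort the array off-chain. A repeated address breaks strict
    /// ordering, so uniqueness is enforced without nested loops or a
    /// temporary "seen" mapping.
    function updateTokenWhiteListed(
        address[] calldata tokens,
        bool isWhiteListed
    ) external {
        if (msg.sender != owner) revert NotOwner();

        address previous = address(0);
        for (uint256 i = 0; i < tokens.length; ++i) {
            address token = tokens[i];

            // Rejects duplicates, unsorted input and the zero address.
            if (token <= previous) revert NotStrictlyAscending(i);
            previous = token;

            // Skip no-op updates so an unchanged entry costs no storage
            // write and emits no event.
            if (tokenWhiteListed[token] == isWhiteListed) continue;

            tokenWhiteListed[token] = isWhiteListed;
            emit UpdateTokenWhiteListed(token, isWhiteListed);
        }
    }
}
```

The ordering check costs one comparison per element, so it stays cheaper than the redundant storage access and event emission it prevents.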

Updates

Lead Judging Commences

0xnevi Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

[invalid] finding-Admin-Errors-Malicious

The following issues and its duplicates are invalid as admin errors/input validation/malicious intents are generally considered invalid based on [codehawks guidelines](https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity#findings-that-may-be-invalid). If they deploy/set inputs of the contracts appropriately, there will be no issue. Additionally admins are trusted as noted in READ.ME they can break certain assumption of the code based on their actions, and
