lack of zero check in
Summary:
Lack of zero check in some places.
The constructor does not check if the _guardian address is zero. This could lead to a scenario where the guardian is unintentionally set to the zero address, which could disable important functionality or security mechanisms.
Vulnerability Details:
[ ] ID-35
TadleFactory.constructor(address)._guardian lacks a zero-check on :
- guardian = _guardian
src/factory/TadleFactory.sol#L40
[ ] ID-36
CapitalPool.approve(address).tokenAddr lacks a zero-check on :
- (success,None) = tokenAddr.call(abi.encodeWithSelector(APPROVE_SELECTOR,tokenManager,type()(uint256).max))
src/core/CapitalPool.sol#L24
[ ] ID-37
TokenManager.initialize(address)._wrappedNativeToken lacks a zero-check on :
- wrappedNativeToken = _wrappedNativeToken
src/core/TokenManager.sol#L43
Impact:
The impact of not performing zero checks in smart contracts can be significant, leading to potential vulnerabilities and unintended behaviors
Tools Used:
slither
Recommendations:
Implement Zero Checks:
Add require statements to check for zero addresses in constructors and function parameters. This prevents the contract from operating with invalid addresses and ensures that critical operations only occur with valid inputs.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.