Alchemix Transmuter
Alchemix
DeFiFoundrySolidity
16,653 OP
View results
Previous Next
Submission Details
Severity: low
Invalid

Unused and Commented-Out Code Could Lead to Confusion

galturok

Description

The contract contains several functions and code sections that are commented out, including availableDepositLimit, _tend, _tendTrigger, and _emergencyWithdraw. Additionally, there are TODO comments indicating that certain functionality is yet to be implemented.

Example:

// Inside StrategyOp contract
/**
* @notice Gets the max amount of `asset` that an address can deposit.
* @dev Defaults to an unlimited amount for any address. But can
* be overridden by strategists.
// Commented out implementation
// function availableDepositLimit(
// address _owner
// ) public view override returns (uint256) {
// // TODO: If desired Implement deposit limit logic and any needed state variables.
// // ...
// }

Impact

  • Code Clarity and Maintenance: Commented-out code and unimplemented functions can lead to confusion for other developers or auditors who review the contract in the future.

  • Potential Misconfiguration: Important functions like _emergencyWithdraw are not implemented, which might lead to misunderstandings about the contract's capabilities.

  • Perception of Incompleteness: The presence of TODO comments and placeholders may give the impression that the contract is not fully vetted or finalized.

Recommendation

  • Remove Commented-Out Code: Clean up the contract by removing any commented-out code that is not intended to be part of the final implementation.

  • Implement or Remove TODOs: Address the TODO comments by either implementing the necessary functionality or removing them if they are not applicable.

Updates

Appeal created

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.