Alchemix Transmuter
Alchemix
DeFiFoundrySolidity
16,653 OP
View results
Previous Next
Submission Details
Severity: low
Invalid

Unused and Commented-Out Code Could Lead to Confusion

galturok

Description

The contract contains several functions and code sections that are commented out, including availableDepositLimit, _tend, _tendTrigger, and _emergencyWithdraw. Additionally, there are TODO comments indicating that certain functionality is yet to be implemented.

Example:

// Inside StrategyOp contract
/**
* @notice Gets the max amount of `asset` that an address can deposit.
* @dev Defaults to an unlimited amount for any address. But can
* be overridden by strategists.
// Commented out implementation
// function availableDepositLimit(
// address _owner
// ) public view override returns (uint256) {
// // TODO: If desired Implement deposit limit logic and any needed state variables.
// // ...
// }

Impact

  • Code Clarity and Maintenance: Commented-out code and unimplemented functions can lead to confusion for other developers or auditors who review the contract in the future.

  • Potential Misconfiguration: Important functions like _emergencyWithdraw are not implemented, which might lead to misunderstandings about the contract's capabilities.

  • Perception of Incompleteness: The presence of TODO comments and placeholders may give the impression that the contract is not fully vetted or finalized.

Recommendation

  • Remove Commented-Out Code: Clean up the contract by removing any commented-out code that is not intended to be part of the final implementation.

  • Implement or Remove TODOs: Address the TODO comments by either implementing the necessary functionality or removing them if they are not applicable.

Updates

Appeal created

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.