Summary

Functions accept invalid inputs eg ., zero addresses, out-of-bound values

Vulnerability Details

addMarketToVault() in CreditDelegationBranch does not validate if marketId is within a reasonable range or if vaultAddress is a valid contract

Impact

Operational errors causing temporary disruptions e.g., delegating to a non-existent market

Tools Used

Manual review of function parameters

Recommendations

Add checks like require(marketId > 0, "Invalid market") and isContract(vaultAddress)