getVestingSchedule::RAACReleaseOrchestrator and getCategoryDetails::RAACReleaseOrchestrator Do Not Validate Existence of Requested Data
****
Finding Description and Impact
The functions getVestingSchedule() and getCategoryDetails() return values without validating whether the requested data exists.
getVestingSchedule()returns an uninitializedVestingSchedulestruct if the beneficiary has no schedule.getCategoryDetails()allows querying non-existent categories without reverting.
This could mislead users and other smart contracts relying on these functions to determine vesting status or category allocations.
Proof of Concept
-
getVestingSchedule():return vestingSchedules[beneficiary]; // No check if initialized -
getCategoryDetails():return (categoryAllocations[category], categoryUsed[category]); // No validation of category existence
Recommended Mitigation Steps
-
Add a check in
getVestingSchedule()to revert if the schedule is uninitialized:if (!vestingSchedules[beneficiary].initialized) revert VestingNotInitialized(); -
Ensure
getCategoryDetails()reverts for non-existent categories:if (categoryAllocations[category] == 0) revert InvalidCategory();
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.