Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Invalid

Incorrect Revert Message for veRAAC Token Address in Governance Constructor

Summary

The constructor of the Governance contract incorrectly uses the InvalidTimelockAddress error when validating the veRAAC token address, resulting in a misleading revert message.

Vulnerability Details

In the constructor, the contract validates the provided _veTokenAddr by checking if it is the zero address. However, if _veTokenAddr is zero, the contract reverts using the error InvalidTimelockAddress with the message "Zero address". This error identifier and message are intended for timelock address validation, not for the veRAAC token address. Consequently, if a zero address is provided for the veRAAC token, the error message incorrectly indicates an issue with the timelock address rather than the token address.

The problematic code segment is:

    // @audit wrong revert error: this check validates the veRAAC token address, not the timelock
    if (_veTokenAddr == address(0)) revert InvalidTimelockAddress(_veTokenAddr, "Zero address");
    if (_timelockAddr == address(0)) revert InvalidTimelockAddress(_timelockAddr, "Zero address");

Here, the first condition should use a distinct error (e.g., InvalidTokenAddress) to clearly communicate that the veRAAC token address is invalid.

Impact

  • Developer Confusion: Misleading error messages can make debugging and troubleshooting more difficult for developers.

  • Integration Issues: External integrators or automated tools relying on error identifiers may misinterpret the cause of the failure, leading to incorrect handling or reporting.

  • Reduced Clarity: The incorrect error message may obscure the real issue during deployment or during contract audits, potentially hiding other integration errors.

Tools Used

  • Manual code review

Recommended Mitigation

  • Define a Specific Error: Create a new error identifier such as InvalidTokenAddress specifically for veRAAC token address validation.

  • Update the Revert Statement: Modify the first validation in the constructor to use the new error. For example:

    if (_veTokenAddr == address(0)) revert InvalidTokenAddress(_veTokenAddr, "Zero address");
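
The integration impact described above, as an added example that is not the RAAC project's code: a stripped-down stand-in for the constructor with the proposed fix, plus a hypothetical `DeployProbe` that classifies a failed deployment by error selector. The contract names, the `Failure` enum and the error parameter names are assumptions; with the original revert, a zero veRAAC token address would be classified as `BadTimelock`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration: a minimal stand-in for the Governance constructor,
// not the RAAC contract itself. Error parameter names are assumptions.
contract GovernanceSketch {
    error InvalidTimelockAddress(address addr, string reason);
    error InvalidTokenAddress(address addr, string reason); // proposed new error

    address public immutable veToken;
    address public immutable timelock;

    constructor(address _veTokenAddr, address _timelockAddr) {
        // Each argument reverts with its own error, so the selector names the bad input.
        if (_veTokenAddr == address(0)) revert InvalidTokenAddress(_veTokenAddr, "Zero address");
        if (_timelockAddr == address(0)) revert InvalidTimelockAddress(_timelockAddr, "Zero address");
        veToken = _veTokenAddr;
        timelock = _timelockAddr;
    }
}

// Hypothetical deployer that maps a failed deployment to its cause by error
// selector, the way an integrator or deployment script would.
contract DeployProbe {
    enum Failure { None, BadToken, BadTimelock, Other }

    function probe(address veToken, address timelock) external returns (Failure) {
        try new GovernanceSketch(veToken, timelock) {
            return Failure.None;
        } catch (bytes memory data) {
            // Custom-error revert data starts with the 4-byte error selector.
            if (data.length < 4) return Failure.Other;
            bytes4 selector = bytes4(data);
            if (selector == GovernanceSketch.InvalidTokenAddress.selector) return Failure.BadToken;
            if (selector == GovernanceSketch.InvalidTimelockAddress.selector) return Failure.BadTimelock;
            return Failure.Other;
        }
    }
}
```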

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
