Missing Error Message in `require` Check
Summary
The _extractPeriodFromProof function in the contract includes a require(slot.exists) check without an accompanying error message. While this does not introduce a security vulnerability, it reduces the clarity of transaction failures, making it harder to diagnose issues during debugging or emergencies.
Affected Code: _extractPeriodFromProof
Impact
The lack of an error message in the require statement has the following implications:
Troubleshooting Difficulty: When the condition fails, the transaction reverts with a generic error (
"Transaction reverted without a reason string"). This makes it challenging to identify the root cause of the failure.Emergency Response: During exploits or unexpected behavior, the absence of informative error messages can delay critical fixes, wasting valuable time.
User Experience: Users interacting with the contract may be confused by generic revert messages, leading to a poor experience.
Recommendations
Add an Error Message:
Update the
requirestatement to include a descriptive error message:require(slot.exists, "Period slot does not exist in proof");
Reference
This issue aligns with the finding documented in the following reference:
Code4rena Report: L-03 Missing Error Messages in
requireStatements
Lead Judging Commences
[invalid] finding-error-can-be-more-explicit
Informational, non-acceptable severity given it has arguably no security impact
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.