Stratax Contracts
First Flight #57
Beginner FriendlyDeFi
100 EXP
View all submissions
Previous Next
Submission Details
Impact: low
Likelihood: low

Missing Event Emission on Oracle Update Reduces Off-Chain Observability

Author Revealed upon completion

Missing Event Emission on Oracle Update Reduces Off-Chain Observability

Description:
Stratax::setStrataxOracle() updates a critical dependency (strataxOracle) but does not emit any event:

function setStrataxOracle(address _strataxOracle) external onlyOwner {
require(_strataxOracle != address(0), "Invalid oracle address");
strataxOracle = _strataxOracle;
}

For admin changes (especially oracle changes), emitting an event is important so indexers, monitoring bots, frontends, and auditors can reliably track configuration changes over time.

Impact:
Low. No direct on-chain vulnerability, but it:

  • Makes it harder to detect oracle changes off-chain

  • Reduces transparency and operational monitoring

  • Complicates incident response / forensic analysis

Recommended Mitigation:
Add an event and emit it when updating the oracle (ideally including old + new address).

+ event StrataxOracleUpdated(address indexed oldOracle, address indexed newOracle);
function setStrataxOracle(address _strataxOracle) external onlyOwner {
require(_strataxOracle != address(0), "Invalid oracle address");
+ address oldOracle = strataxOracle;
strataxOracle = _strataxOracle;
+ emit StrataxOracleUpdated(oldOracle, _strataxOracle);
}

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!