bug: create pool with rogue base token does not fail

[gabririgo]

Pool creation with a rogue base token should fail, as asserted by this condition.
When the base token address is a smart contract the transaction should fail, however it won't fail if the address has no code, i.e. a standard wallet. In this case, the decimals are not returned correctly here and the following assertion is bypassed as the token decimals do not get overwritten.
One possible solution is to assert that the target base token is a contract, i.e. address has code. This will result in token.decimals() call to revert if the target contract does not implement decimals() method.

IRigoblockPoolProxyFactory.Parameters memory initParams = IRigoblockPoolProxyFactory(msg.sender).parameters();
uint8 tokenDecimals; // we do not initialize decimals

if (initParams.baseToken != address(0)) {
   assert(initParams.baseToken.code.length > 0) // this guarantees that if the token does not implement decimals the call will fail
   tokenDecimals = IERC20(initParams.baseToken).decimals();
   assert(tokenDecimals >= 6); // we move the assertion inside the block as otherwise we know decimals is 18
} else { tokenDecimals = 18; } // we write eth decimals otherwise