QA Report #112
Labels
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Comments
code423n4
added
bug
|
Duplicate |
|
Merging with #113 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Lack of indexed parameters in events
Details
Some of the events throughout the codebase are not indexed. Indexing event parameters enable off-chain services to search and filter for specific events.
see reference: Low severity finding from OpenZeppelin Audit of HoldeFi
[L09] Lack of indexed parameters in events
https://blog.openzeppelin.com/holdefi-audit/#low
Mitigation
Add the
indexedkeyword to the events.Line of code:
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/core/InfinityExchange.sol#L85-L93
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/core/InfinityExchange.sol#L95-L102
Lack of zero-address check in the constructor
Details
Lack of zero-address checks may lead to infunctional protocol especially in the case wherein variable is immutable like the
WETH.Mitigation
Consider adding zero-address checks such as:
require(_WETH != address(0));Line of code:
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/core/InfinityExchange.sol#L104-L117
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/staking/InfinityStaker.sol#L49-L52
The text was updated successfully, but these errors were encountered: