QA Report #112
Labels
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Lack of indexed parameters in events
Details
Some of the events throughout the codebase are not indexed. Indexing event parameters enable off-chain services to search and filter for specific events.
see reference: Low severity finding from OpenZeppelin Audit of HoldeFi
[L09] Lack of indexed parameters in events
https://blog.openzeppelin.com/holdefi-audit/#low
Mitigation
Add the
indexed
keyword to the events.Line of code:
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/core/InfinityExchange.sol#L85-L93
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/core/InfinityExchange.sol#L95-L102
Lack of zero-address check in the constructor
Details
Lack of zero-address checks may lead to infunctional protocol especially in the case wherein variable is immutable like the
WETH
.Mitigation
Consider adding zero-address checks such as:
require(_WETH != address(0));
Line of code:
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/core/InfinityExchange.sol#L104-L117
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/staking/InfinityStaker.sol#L49-L52
The text was updated successfully, but these errors were encountered: