Function initalize()
of AstariaRouter.sol lacks in documentation for the following arguments:
_WITHDRAW_IMPL
_CLEARING_HOUSE_IMPL
_BEACON_PROXY_IMPL
AstariaRouter has multiple payable public methods: mint()
, deposit()
, withdraw()
, redeem()
, and pullToken()
. ETH accidentally sent to this contract via these methods cannot be recovered unless the contract is selfdestructed or upgraded.
The following variables are not used and hence can be removed.
address tokenContract = underlying.tokenContract;
uint256 tokenId = underlying.tokenId;
In multiple locations in PublicVault.sol, require
statements lack in descriptive error information.
require(s.allowList[receiver]); // in mint()
require(s.allowList[receiver]); // in deposit()
Add an error description in the second argument, or create a custom error type such as error NotInAllowList()
and throw it with revert
.
In multiple locations in VaultImplementation.sol, require
statements lack in descriptive error messages.
require(msg.sender == owner()); //owner is "strategist"
Add an error description in the second argument, or create a custom error type and throw it with revert
.
The field ERC20 WETH
in the RouterStorage
struct is not being used anywhere in the code. This can be removed to reduce the storage space.
The following snippet
require(assets > minDepositAmount(), "VALUE_TOO_SMALL");
in the deposit
and mint
functions implicitly assumes that minDepositAmount
is non-inclusive. Clarify this in the documentation.
uint256 assets = totalAssets();
is not used and hence can be removed.