Increased testing of edge cases in complex mathematical operations could have identified at least one issue raised in this report.
Additional unit tests are recommended, as well as fuzzing or property-based testing of curve-related operations.
Improperly validated interactions with the BancorFormula contract are seen to fail in unanticipated and potentially dangerous ways, so care should be taken to validate inputs and prevent pathological curve parameters.
More validation of mathematical operations
- ConsenSys Audit DAfi Finding 3.4
- Testing
- Insufficient Validation for Complex Math
- Add Fuzzing & Unit Property Tests