Each contract needs contract addresses in order to be integrated into other protocols and systems.
These addresses are currently hard-coded, which may cause errors and result in the codebase's deployment with an incorrect asset.
Using hard-coded values instead of deployer-provided values makes these contracts incredibly difficult to test.
Short term, set addresses when contracts are created rather than using hard-coded values.
This practice will facilitate testing.
Long term, to ensure that contracts can be tested and reused across networks, avoid using hard-coded parameters.
- ToB Audit Advanced Blockchain Finding 27
- Patching
- Hardcoded Contract Addresses
- Contract Deployer
- Set Addresses