You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on May 26, 2023. It is now read-only.
Function BondBaseSDA.setDefaults sets critical arithmetic parameters for bond market. But it has no event emitted, it is difficult to track these critical changes off-chain.
Vulnerability Detail
In bases/BondBaseSDA, critical parameters are set and changed in function BondBaseSDA.setDefaults for bond market.
However, no event is emitted, and it is difficult to track these critical changes off-chain. Both Users and Issuers would possibly be unware of these changes.
Impact
Both Users and Issuers would possibly be unware of critical changes on bond market.
zimu
medium
Lack of events for critical arithmetic parameters
Summary
Function
BondBaseSDA.setDefaults
sets critical arithmetic parameters for bond market. But it has no event emitted, it is difficult to track these critical changes off-chain.Vulnerability Detail
In
bases/BondBaseSDA
, critical parameters are set and changed in functionBondBaseSDA.setDefaults
for bond market.However, no event is emitted, and it is difficult to track these critical changes off-chain. Both Users and Issuers would possibly be unware of these changes.
Impact
Both Users and Issuers would possibly be unware of critical changes on bond market.
Code Snippet
https://github.com/sherlock-audit/2022-11-bond/blob/main/src/bases/BondBaseSDA.sol#L348-L356
Tool used
Manual Review
Recommendation
Add an event in
BondBaseSDA.setDefaults
to report critical arithmetic changes.The text was updated successfully, but these errors were encountered: