QA Report #28
Labels
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Comments
code423n4
added
bug
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Consider using
nonReentrantmodifier at burn function which calls external contracts several timesTarget codebase
https://github.com/code-423n4/2022-04-phuture/blob/main/contracts/IndexLogic.sol#L96
burn function calls external contracts several times. It is worth using nonReentrant.
Potential workaround
Add nonReentrant modifier
Should check address(0) at ChainlinkPriceOracle.sol
Target codebase
Following arguments do not have address(0) check. For the safety, it should have address(0) check.
_registryargumenthttps://github.com/code-423n4/2022-04-phuture/blob/main/contracts/ChainlinkPriceOracle.sol#L47
_assetAggregatorargumenthttps://github.com/code-423n4/2022-04-phuture/blob/main/contracts/ChainlinkPriceOracle.sol#L60
Potential workaround
Add require check for address(0) at the above mentioned arguments.
The text was updated successfully, but these errors were encountered: