Omniscia rain protocol Audit

EmissionsERC20 Manual Review Findings

EmissionsERC20 Manual Review Findings

EER-01M: Potential Sanitization of VM State Configuration

Description:

The initialize function does not apply any sanitization on the input EmissionsERC20Config while it expects at least one source to be defined as evidenced by the eval execution of calculateClaim.

Example:

contracts/claim/EmissionsERC20.sol
112/// @param config_ source and token config. Also controls delegated claims.
113function initialize(EmissionsERC20Config memory config_)
114 external
115 initializer
116{
117 __ERC20_init(config_.erc20Config.name, config_.erc20Config.symbol);
118 _mint(
119 config_.erc20Config.distributor,
120 config_.erc20Config.initialSupply
121 );
122
123 vmStatePointer = VMState.snapshot(
124 VMState.newState(config_.vmStateConfig)
125 );
126
127 /// Log some deploy state for use by claim/opcodes.
128 allowDelegatedClaims = config_.allowDelegatedClaims;
129 constructionBlockNumber = block.number;
130
131 emit Initialize(msg.sender, config_.allowDelegatedClaims, block.number);
132}

Recommendation:

We advise some form of sanitization to be imposed, at minimum a guarantee that at least once source has been defined in the sources array of vmStateConfig, to prevent misconfiguration of the contract.

Alleviation:

The newState function of the VMState implementation was updated to perfom validation that at least one source has been defined thereby alleviating this exhibit.