Omniscia rain protocol Audit
EmissionsERC20 Manual Review Findings
EmissionsERC20 Manual Review Findings
EER-01M: Potential Sanitization of VM State Configuration
Type | Severity | Location |
---|---|---|
Input Sanitization | EmissionsERC20.sol:L124 |
Description:
The initialize
function does not apply any sanitization on the input EmissionsERC20Config
while it expects at least one source to be defined as evidenced by the eval
execution of calculateClaim
.
Example:
contracts/claim/EmissionsERC20.sol
112/// @param config_ source and token config. Also controls delegated claims.113function initialize(EmissionsERC20Config memory config_)114 external115 initializer116{117 __ERC20_init(config_.erc20Config.name, config_.erc20Config.symbol);118 _mint(119 config_.erc20Config.distributor,120 config_.erc20Config.initialSupply121 );122
123 vmStatePointer = VMState.snapshot(124 VMState.newState(config_.vmStateConfig)125 );126
127 /// Log some deploy state for use by claim/opcodes.128 allowDelegatedClaims = config_.allowDelegatedClaims;129 constructionBlockNumber = block.number;130
131 emit Initialize(msg.sender, config_.allowDelegatedClaims, block.number);132}
Recommendation:
We advise some form of sanitization to be imposed, at minimum a guarantee that at least once source has been defined in the sources
array of vmStateConfig
, to prevent misconfiguration of the contract.
Alleviation:
The newState
function of the VMState
implementation was updated to perfom validation that at least one source has been defined thereby alleviating this exhibit.