Omniscia DAFI Protocol Audit
dToken Manual Review Findings
dToken Manual Review Findings
DTO-01M: Inexistent Input Sanitization
Type | Severity | Location |
---|---|---|
Input Sanitization | Minor | dToken.sol:L55-L57 |
Description:
The rebase
setter function of the demandFactor
does not perform any sanitization on its input.
Example:
contracts/dToken.sol
55function rebase(uint256 _demandFactor) external onlyDAFI{56 demandFactor = _demandFactor;57}
Recommendation:
We advise that the demandFactor
is ensured to be greater-than (>
) zero to avoid division by zero issues.
Alleviation:
The demandFactor
is now evaluated to be greater-than zero before being set for the contract.