Omniscia Impact Market Audit
PACTDelegate Static Analysis Findings
PAC-01S: Literal Equality of bool Variable
Type | Severity | Location |
---|---|---|
Gas Optimization | | PACTDelegate.sol:L464 |
Description:
The linked bool comparison is performed between a variable and a bool literal.
Example:
```solidity
require(_receipt.hasVoted == false, "PACT::castVoteInternal: voter already voted"); // L464
```
Recommendation:
We advise the bool variable to be utilized directly either in its negated (!) or original form.
Alleviation:
The linked condition has been replaced with a proper logical check by removing the constant boolean comparison.
PAC-02S: Inexistent Sanitization of Input Addresses
Type | Severity | Location |
---|---|---|
Input Sanitization | | PACTDelegate.sol:L62, L63 |
Description:
The linked function(s) accept address arguments yet do not properly sanitize them.
Impact:
The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of bugs in off-chain software.
Example:
```solidity
function initialize(
    address _timelock,
    address _token,        // L62
    address _releaseToken, // L63
    uint256 _votingPeriod,
    uint256 _votingDelay,
    uint256 _proposalThreshold,
    uint256 _quorumVotes
) public initializer {
```
Recommendation:
We advise some basic sanitization to be put in place by ensuring that each address specified is non-zero.
Alleviation:
The _token argument is now properly sanitized and the Impact Market team stated that the _releaseToken variable can be zero in case no secondary token is needed by the system. As a result, we consider this exhibit fully dealt with.
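The sanitization pattern discussed in PAC-02S, as an added example that is not the PACTDelegate source or the Impact Market team's fix. It rejects zero for mandatory addresses and accepts it for the optional _releaseToken, which then has to be guarded wherever it is used. The contract name, the IBalanceOf interface, the _initialized flag, the combinedBalance function and the _timelock check are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Hypothetical minimal token interface, used only by this example.
interface IBalanceOf {
    function balanceOf(address account) external view returns (uint256);
}

// Added illustration, not the PACTDelegate source.
contract SanitizedInitExample {
    address public timelock;
    IBalanceOf public token;
    IBalanceOf public releaseToken; // zero address means "no secondary token"
    bool private _initialized;      // stand-in for an `initializer` modifier

    function initialize(
        address _timelock,
        address _token,
        address _releaseToken
    ) external {
        require(!_initialized, "already initialized");
        // Mandatory addresses: a zero value here would leave the contract
        // unusable, so reject it before any state is written.
        require(_timelock != address(0), "invalid timelock address");
        require(_token != address(0), "invalid token address");

        _initialized = true;
        timelock = _timelock;
        token = IBalanceOf(_token);
        // Optional address: zero is accepted on purpose.
        releaseToken = IBalanceOf(_releaseToken);
    }

    // Because zero is a valid value for releaseToken, every use site must
    // guard it; a high-level call to address(0) would revert.
    function combinedBalance(address account) external view returns (uint256) {
        uint256 total = token.balanceOf(account);
        if (address(releaseToken) != address(0)) {
            total += releaseToken.balanceOf(account);
        }
        return total;
    }
}
```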