Omniscia Olympus DAO Audit

VaultOwned Static Analysis Findings

VaultOwned Static Analysis Findings

VOD-01S: Inexistent Validation of Address Argument

Description:

The linked function contains an address argument that is not properly sanitized against the zero-address.

Example:

contracts/types/VaultOwned.sol
10function setVault( address vault_ ) external onlyOwner() returns ( bool ) {
11 _vault = vault_;
12
13 return true;
14}

Recommendation:

We advise it to be sanitized so to avoid potential misconfigurations of the contract.

Alleviation:

The Olympus DAO team considered this exhibit but opted not to apply any remediation for it.

VOD-02S: Inexistent Emission of Event

TypeSeverityLocation
Input SanitizationInformationalVaultOwned.sol:L10-L14

Description:

The linked function adjusts a sensitive contract variable without emitting a corresponding event.

Example:

contracts/types/VaultOwned.sol
10function setVault( address vault_ ) external onlyOwner() returns ( bool ) {
11 _vault = vault_;
12
13 return true;
14}

Recommendation:

We advise an event to be coded for the action and emitted whenever it is executed to ensure off-chain observers of the contracts can properly sync their data points.

Alleviation:

The Olympus DAO team considered this exhibit but opted not to apply any remediation for it.