Omniscia Olympus DAO Audit
VaultOwned Static Analysis Findings
VaultOwned Static Analysis Findings
VOD-01S: Inexistent Validation of Address Argument
| Type | Severity | Location |
|---|---|---|
| Input Sanitization | Minor | VaultOwned.sol:L10-L14 |
Description:
The linked function contains an address argument that is not properly sanitized against the zero-address.
Example:
contracts/types/VaultOwned.sol
10function setVault( address vault_ ) external onlyOwner() returns ( bool ) {11 _vault = vault_;12
13 return true;14}Recommendation:
We advise it to be sanitized so to avoid potential misconfigurations of the contract.
Alleviation:
The Olympus DAO team considered this exhibit but opted not to apply any remediation for it.
VOD-02S: Inexistent Emission of Event
| Type | Severity | Location |
|---|---|---|
| Input Sanitization | Informational | VaultOwned.sol:L10-L14 |
Description:
The linked function adjusts a sensitive contract variable without emitting a corresponding event.
Example:
contracts/types/VaultOwned.sol
10function setVault( address vault_ ) external onlyOwner() returns ( bool ) {11 _vault = vault_;12
13 return true;14}Recommendation:
We advise an event to be coded for the action and emitted whenever it is executed to ensure off-chain observers of the contracts can properly sync their data points.
Alleviation:
The Olympus DAO team considered this exhibit but opted not to apply any remediation for it.