Omniscia Platypus Finance Audit

Asset Manual Review Findings

ASS-01M: Inexistent Sanitization of Maximum Supply

Type	Severity	Location
Input Sanitization	Minor	Asset.sol:L102

Description:

The setMaxSupply function performs no sanitization on the input maxSupply_ argument.

Example:

contracts/asset/Asset.sol

98/**
99 * @notice Changes asset max supply. Can only be set by the contract owner.
100 * @param maxSupply_ the new asset's max supply
101 */
102function setMaxSupply(uint256 maxSupply_) external onlyOwner {
103    uint256 oldMaxSupply = _maxSupply;
104    _maxSupply = maxSupply_;
105    emit MaxSupplyUpdated(oldMaxSupply, maxSupply_);
106}

Recommendation:

We advise it to be ensured to be greater-than-or-equal-to (>=) the current total supply to ensure state transitions are executed as expected.

Alleviation:

After discussion with the Platypus team, we concluded that the maximum supply should be arbitrarily settable as it is an intended design feature. As such, we consider this exhibit null.

Omniscia Platypus Finance Audit

Asset Manual Review Findings

Asset Manual Review Findings

ASS-01M: Inexistent Sanitization of Maximum Supply

Description:

Example:

Recommendation:

Alleviation:

Pool.sol (POO-S)

ChainlinkProxyPriceProvider.sol (CPP-M)

On this page