Omniscia BlazeSwap Audit

BlazeSwapManager Static Analysis Findings

BlazeSwapManager Static Analysis Findings

CON-01S: Inexistent Sanitization of Input Address

Description:

The linked function accepts an address argument yet does not properly sanitize it.

Impact:

The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of off-chain software related bugs.

Example:

contracts/core/BlazeSwapManager.sol
23constructor(
24 address _configSetter,
25 address _mathContext,
26 address _wNat
27) BlazeSwapBaseManager(_configSetter, _mathContext) {
28 wNat = _wNat;
29}

Recommendation:

We advise some basic sanitization to be put in place by ensuring that the address specified is non-zero.

Alleviation:

The _wNat input argument is no longer present in the codebase thus rendering this exhibit no longer relevant.