Omniscia Bluejay Finance Audit

BondGovernor Manual Review Findings

BGR-01M: Inexistent Sanitization of Adjustment Duration

Type	Severity	Location
Input Sanitization		BondGovernor.sol:L76

Description:

The timeToTargetControlVariable value should be sanitized to satisfy a minimum time duration and should at least be prevented from being set as 0.

Example:

packages/contracts/contracts/BondGovernor.sol

73function adjustPolicy(
74  address asset,
75  uint256 targetControlVariable,
76  uint256 timeToTargetControlVariable,
77  uint256 minimumPrice
78) public override onlyOwner policyExist(asset) {
79  require(
80    targetControlVariable >= RAY,
81    "Target control variable less than 1"
82  );
83
84  updateControlVariable(asset);
85  policies[asset].targetControlVariable = targetControlVariable;
86  policies[asset].timeToTargetControlVariable = timeToTargetControlVariable;
87  policies[asset].minimumPrice = minimumPrice;
88  emit UpdatedPolicy(
89    asset,
90    targetControlVariable,
91    minimumPrice,
92    timeToTargetControlVariable
93  );
94}

Recommendation:

We advise a require check to be introduced ensuring either a minimum time or the value to be non-zero, the former of which we advise.

Alleviation:

A require check was properly imposed preventing the time to the target control variable from being zero and thus alleviating this exhibit.

Omniscia Bluejay Finance Audit

BondGovernor Manual Review Findings

BondGovernor Manual Review Findings

BGR-01M: Inexistent Sanitization of Adjustment Duration

Description:

Example:

Recommendation:

Alleviation:

BluejayToken.sol (BTN-M)

BondRouter.sol (BRR-M)

On this page