Omniscia Euler Finance Audit
Governable Static Analysis Findings
Governable Static Analysis Findings
GEL-01S: Inexistent Sanitization of Input Address
| Type | Severity | Location |
|---|---|---|
| Input Sanitization |  | Governable.sol:L18-L20 |
Description:
The linked function accepts an address argument yet does not properly sanitize it.
Impact:
The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of off-chain software related bugs.
Example:
src/lib/Governable.sol
18constructor(address _governor) {19 _setGovernor(_governor);20}Recommendation:
We advise some basic sanitization to be put in place by ensuring that the address specified is non-zero.
Alleviation:
The Euler Finance team evaluated this exhibit and opted to dispute it as configuring a governor as the address(0) is a desirable feature of the suite.
Given that the exhibit outlines behaviour that aligns with the business requirements of the Euler Finance team, we consider this exhibit to be nullified.