EulStakes Static Analysis Findings

ESS-01S: Inexistent Sanitization of Input Addresses

Type	Severity	Location
Input Sanitization		EulStakes.sol:L14, L26, L60

Description:

The linked functions accept address arguments yet do not sanitize them.

Example:

Copy
60function stakeGift(address beneficiary, address underlying, uint amount) external {
61    require(amount < 1e36, "amount out of range");
62    if (amount == 0) return;
63
64    uint newAmount = staked[beneficiary][underlying] + amount;
65
66    staked[beneficiary][underlying] = newAmount;
67    emit Stake(beneficiary, underlying, msg.sender, newAmount);
68
69    Utils.safeTransferFrom(eul, msg.sender, address(this), amount);
70}

Recommendation:

We advise rudimentary sanitization to be introduced by ensuring that each address is not equal to the zero-address to prevent improper staking operations. In the stake function, each op.underlying member of the inner for loop should be sanitized instead.

Alleviation:

The Euler team stated that they evaluated this exhibit but opted not to apply a remediation for it as they believe it to be redundant. We should note that this is a static analysis finding and particularly relates to the address(0) misconfiguration that can arise from zero-value input, the most common interface software issue.

ESS-02S: Data Location Optimizations

Type	Severity	Location
Gas Optimization		EulStakes.sol:L26, L79

Description:

The linked functions contain memory arguments yet are either external or invoked by an external function chain.

Example:

Copy
79function stakePermit(StakeOp[] memory ops, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external {

Recommendation:

We advise the input arguments to be set as calldata optimizing each function's gas cost.

Alleviation:

The Euler team stated that the gas cost of the function actually increases given that the argument is passed in to a public function that in turn will copy all data to memory in any case. As a result, we consider this exhibit nullified.