Omniscia Impact Market Audit

StakingImplementation Static Analysis Findings

SIN-01S: Inexistent Sanitization of Input Addresses

Type	Severity	Location
Input Sanitization		StakingImplementation.sol:L53, L54, L55

Description:

The linked function(s) accept address arguments yet do not properly sanitize them.

Impact:

The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of off-chain software related bugs.

Example:

contracts/staking/StakingImplementation.sol

52function initialize(
53    IERC20 _PACT,
54    IMintableToken _SPACT,
55    IDonationMiner _donationMiner,
56    uint256 _cooldown
57) public initializer {
58    __Ownable_init();
59    __ReentrancyGuard_init();
60
61    PACT = _PACT;
62    SPACT = _SPACT;
63    donationMiner = _donationMiner;
64    cooldown = _cooldown;
65}

Recommendation:

We advise some basic sanitization to be put in place by ensuring that each address specified is non-zero.

Alleviation:

Code has been added to perform zero-check input validation on the linked variables _PACT, _SPACT and _donationMiner properly.

Omniscia Impact Market Audit

StakingImplementation Static Analysis Findings

StakingImplementation Static Analysis Findings

SIN-01S: Inexistent Sanitization of Input Addresses

Description:

Impact:

Example:

Recommendation:

Alleviation:

PACTDelegate.sol (PAC-S)

DonationMinerImplementation.sol (DMI-M)

On this page