Omniscia Kyo Finance Audit

Emission Static Analysis Findings

ENO-01S: Inexistent Sanitization of Input Addresses

Type	Severity	Location
Input Sanitization		Emission.sol:L31-L35

Description:

The linked function(s) accept address arguments yet do not properly sanitize them.

Impact:

The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of off-chain software related bugs.

Example:

contracts/reward/Emission.sol

31constructor(IERC20 rewardToken_, IERC20 ballot_, IEmissionSchedule schedule) Ownable(msg.sender) ERC20("", "") ERC4626TokenStreamSplitter(ballot_) {
32    rewardToken = rewardToken_;
33    emissionSchedule = schedule;
34    emit EmissionSchedule(address(schedule));
35}

Recommendation:

We advise some basic sanitization to be put in place by ensuring that each address specified is non-zero.

Alleviation (17c8d4e59f398021156f6f9657ff278aae0462ae):

The Kyo Finance team evaluated this exhibit but opted to acknowledge it in the current iteration of the codebase.

Omniscia Kyo Finance Audit

Emission Static Analysis Findings

Emission Static Analysis Findings

ENO-01S: Inexistent Sanitization of Input Addresses

Description:

Impact:

Example:

Recommendation:

Alleviation (17c8d4e59f398021156f6f9657ff278aae0462ae):

Elector.sol (ERO-S)

SingleStreamConsumer.sol (SSC-S)

On this page