Omniscia Maverick Protocol Audit

MaverickV2RewardFactory Static Analysis Findings

MVF-01S: Inexistent Sanitization of Input Addresses

Type	Severity	Location
Input Sanitization		MaverickV2RewardFactory.sol:L34-L40

Description:

The linked function(s) accept address arguments yet do not properly sanitize them.

Impact:

The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of off-chain software related bugs.

Example:

v2-rewards/contracts/MaverickV2RewardFactory.sol

34constructor(
35    IMaverickV2BoostedPositionFactory boostedPositionFactory_,
36    IMaverickV2VotingEscrowFactory votingEscrowFactory_
37) {
38    boostedPositionFactory = boostedPositionFactory_;
39    votingEscrowFactory = votingEscrowFactory_;
40}

Recommendation:

We advise some basic sanitization to be put in place by ensuring that each address specified is non-zero.

Alleviation (07ad29f773f16bdfbae3d97d3a7c2f9d64866093):

The Maverick Protocol team specified that they wish to acknowledge these exhibits as the contracts involved will either be deployed by a factory performing those validations or by the Maverick Protocol team directly which is expected to perform them manually.

As such, we consider this exhibit to be acknowledged.

Omniscia Maverick Protocol Audit

MaverickV2RewardFactory Static Analysis Findings

MaverickV2RewardFactory Static Analysis Findings

MVF-01S: Inexistent Sanitization of Input Addresses

Description:

Impact:

Example:

Recommendation:

Alleviation (07ad29f773f16bdfbae3d97d3a7c2f9d64866093):

MaverickV2IncentiveMatcherFactory.sol (MVM-S)

MaverickV2RewardRouter.sol (MVE-S)

On this page