Omniscia Myso Finance Audit

BaseCompartment Static Analysis Findings

BCT-01S: Inexistent Sanitization of Input Addresses

Type	Severity	Location
Input Sanitization		BaseCompartment.sol:L22-L28

Description:

The linked function(s) accept address arguments yet do not properly sanitize them.

Impact:

The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of off-chain software related bugs.

Example:

contracts/peer-to-peer/compartments/BaseCompartment.sol

22function initialize(
23    address _vaultAddr,
24    uint256 _loanIdx
25) external initializer {
26    vaultAddr = _vaultAddr;
27    loanIdx = _loanIdx;
28}

Recommendation:

We advise some basic sanitization to be put in place by ensuring that each address specified is non-zero.

Alleviation (c740f7c6b5ebd365618fd2d7ea77370599e1ca11):

The input address of the BaseCompartment::constructor is properly sanitized against the zero address in the latest implementation, ensuring that the contract cannot be accidentally misconfigured during its deployment.

Omniscia Myso Finance Audit

BaseCompartment Static Analysis Findings

BaseCompartment Static Analysis Findings

BCT-01S: Inexistent Sanitization of Input Addresses

Description:

Impact:

Example:

Recommendation:

Alleviation (c740f7c6b5ebd365618fd2d7ea77370599e1ca11):

BalancerV2Looping.sol (BVL-S)

BorrowerGateway.sol (BGY-S)

On this page