Omniscia Native Audit
PoolFactory Static Analysis Findings
PoolFactory Static Analysis Findings
PFY-01S: Data Location Optimizations
| Type | Severity | Location |
|---|---|---|
| Gas Optimization |  | PoolFactory.sol:L53-L56 |
Description:
The linked input arguments are set as memory in external function(s).
Example:
47function createNewPool(48 //address wbnbAddress,49 address treasuryAddress,50 address poolOwnerAddress,51 address signerAddress,52 address pricingModelRegistry,53 uint256[] memory fees,54 address[] memory tokenAs,55 address[] memory tokenBs,56 uint256[] memory pricingModelIds57) external noDelegateCall override returns (IPool pool) {Recommendation:
We advise them to be set as calldata optimizing their read-access gas cost.
Alleviation:
The referenced arguments have been set as calldata optimizing their read-access gas cost.
PFY-02S: Inexistent Sanitization of Input Address
| Type | Severity | Location |
|---|---|---|
| Input Sanitization |  | PoolFactory.sol:L92-L95 |
Description:
The linked function accepts an address argument yet does not properly sanitize it.
Impact:
The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of off-chain software related bugs.
Example:
92function setRegistry(address _registry) public onlyOwner {93 require(registry == address(0));94 registry = _registry;95}Recommendation:
We advise some basic sanitization to be put in place by ensuring that the address specified is non-zero.
Alleviation:
The _registry input argument of the referenced function is now adequately sanitized as non-zero.