Omniscia Steadefi Audit

ChainLinkOracle Static Analysis Findings

CLO-01S: Redundant Constructor Implementation

Type | Severity | Location
Language Specific | | ChainLinkOracle.sol:L10

Description:

The linked constructor definition is entirely redundant as it executes no statements.

Example:

contracts/oracles/ChainLinkOracle.sol
constructor() {}

Recommendation:

We advise omitting the implementation from the codebase, optimizing its deployment cost.

Alleviation (4325253d6de0ea91c1e9fb9e01d2e7e98f3d83a9):

The empty constructor was omitted from the codebase as advised.

CLO-02S: Inexistent Sanitization of Input Address

Type | Severity | Location
Input Sanitization | | ChainLinkOracle.sol:L17-L19

Description:

The linked function accepts an address argument yet does not properly sanitize it.

Impact:

The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of off-chain software-related bugs.

Example:

contracts/oracles/ChainLinkOracle.sol
function addTokenPriceFeed(address _token, address _feed) external onlyOwner {
    tokenToPriceFeed[_token] = _feed;
}

Recommendation:

We advise putting some basic sanitization in place by ensuring that the address specified is non-zero.

Alleviation (4325253d6de0ea91c1e9fb9e01d2e7e98f3d83a9):

Multiple require checks were introduced ensuring that the _token the price feed is set for as well as the price _feed itself are non-zero, alleviating this exhibit.
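
The flagged setter next to a form with the non-zero checks the alleviation describes, as an added sketch that is not Steadefi's ChainLinkOracle.sol or the code at the alleviation commit. The contract name, the inline owner logic standing in for the project's onlyOwner dependency, the addTokenPriceFeedUnchecked name and the revert strings are all assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; names other than addTokenPriceFeed, tokenToPriceFeed,
// _token and _feed are hypothetical.
contract PriceFeedRegistrySketch {
    // Minimal stand-in for the ownership module the audited contract relies on.
    address public owner;

    // token address => price feed address, as in the audited snippet.
    mapping(address => address) public tokenToPriceFeed;

    constructor() {
        owner = msg.sender;
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "caller is not the owner");
        _;
    }

    // Form flagged in CLO-02S: either argument may be address(0), so a
    // mis-encoded off-chain call silently stores a zero token or zero feed.
    function addTokenPriceFeedUnchecked(address _token, address _feed) external onlyOwner {
        tokenToPriceFeed[_token] = _feed;
    }

    // Sanitized form: both inputs are rejected when zero before any state
    // is written, so a bad call reverts instead of corrupting the mapping.
    // Revert strings are constructed for this example.
    function addTokenPriceFeed(address _token, address _feed) external onlyOwner {
        require(_token != address(0), "token is the zero address");
        require(_feed != address(0), "feed is the zero address");
        tokenToPriceFeed[_token] = _feed;
    }
}
```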