Omniscia Tangible Audit

SellFeeDistributorV2 Static Analysis Findings

SFD-01S: Inexistent Sanitization of Input Addresses

Description:

The linked function(s) accept address arguments yet do not properly sanitize them.

Impact:

The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised because zero-value inputs are a common side effect of bugs in off-chain software.

Example:

contracts/SellFeeDistributorV2.sol

function initialize(
    address _factory,
    address _revenueShare,
    address _usdc,
    address _tngbl,
    bool _isMainnet
) external initializer {
    __FactoryModifiers_init(_factory);
    USDC = IERC20(_usdc);
    TNGBL = IERC20(_tngbl);
    revenueShare = _revenueShare;
    revenuePercent = 66_666666666;
    isMainnet = _isMainnet;
}

Recommendation:

We advise some basic sanitization to be put in place by ensuring that each address specified is non-zero.
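
One way to apply these checks to the initializer shown above, as an added sketch that is not the project's code and not the fix in the referenced commit. The contract name, the `ZeroAddress` error, the `_requireNonZero` helper, the `factory` storage variable (standing in for `__FactoryModifiers_init`) and the `uint256` type of `revenuePercent` are assumptions; the OpenZeppelin imports are assumed to be installed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";

// Illustrative contract only; not the audited SellFeeDistributorV2.
contract SellFeeDistributorSketch is Initializable {
    // Hypothetical error: carries the argument name so a failed deployment
    // script shows which value was left unset by off-chain tooling.
    error ZeroAddress(string param);

    address public factory;        // assumption: replaces __FactoryModifiers_init(_factory)
    IERC20 public USDC;
    IERC20 public TNGBL;
    address public revenueShare;
    uint256 public revenuePercent; // assumption: type is not shown in the exhibit
    bool public isMainnet;

    function initialize(
        address _factory,
        address _revenueShare,
        address _usdc,
        address _tngbl,
        bool _isMainnet
    ) external initializer {
        // Validate every address before any state write. A revert rolls back
        // the whole call, including the initializer flag, so a bad deployment
        // can be retried instead of leaving zero addresses in storage.
        _requireNonZero(_factory, "_factory");
        _requireNonZero(_revenueShare, "_revenueShare");
        _requireNonZero(_usdc, "_usdc");
        _requireNonZero(_tngbl, "_tngbl");

        factory = _factory;
        USDC = IERC20(_usdc);
        TNGBL = IERC20(_tngbl);
        revenueShare = _revenueShare;
        revenuePercent = 66_666666666;
        isMainnet = _isMainnet; // bool: both values are valid, nothing to check
    }

    // Hypothetical helper: reverts when the supplied address is address(0).
    function _requireNonZero(address value, string memory param) private pure {
        if (value == address(0)) revert ZeroAddress(param);
    }
}
```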

Alleviation (2ad448279d9e8e4b6edd94bcd2eb22129b6f7357):

All input arguments of the SellFeeDistributorV2::initialize function are adequately sanitized as non-zero in the latest in-scope revision of the codebase, addressing this exhibit.