Omniscia Tangible Audit

TangibleReaderHelperV2 Static Analysis Findings

TRH-01S: Inexistent Sanitization of Input Addresses

Description:

The linked function(s) accept address arguments yet do not properly sanitize them.

Impact:

The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised because zero-value inputs are a common side effect of bugs in off-chain software.

Example:

contracts/TangibleReaderHelperV2.sol
constructor(IFactory _factory, IPassiveIncomeNFT _passiveNft, RevenueShare _revenueShare) {
    require(address(_factory) != address(0), "FP 0");
    factory = _factory;
    passiveNft = _passiveNft;
    revenueShare = _revenueShare;
}

Recommendation:

We advise some basic sanitization to be put in place by ensuring that each address specified is non-zero.

Alleviation (2ad448279d9e8e4b6edd94bcd2eb22129b6f7357):

All input arguments of the TangibleReaderHelperV2::constructor function are adequately sanitized as non-zero in the latest in-scope revision of the codebase, addressing this exhibit.
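A minimal lint for this class of finding, added here as an example and not part of the audit report or the Tangible codebase: it lists the address-like constructor parameters that have no non-zero check in the constructor body. The function names are hypothetical, and the regex-based parsing assumes a single constructor with no braces inside strings or comments.

```python
import re

# Elementary value types that cannot hold an address; any other parameter type
# is assumed to be `address` or a contract/interface reference.
NON_ADDRESS = re.compile(r"^(u?int\d*|bool|string|bytes\d*)$")

def constructor_parts(source):
    """Return (parameter list, body) of the first constructor in `source`."""
    m = re.search(r"\bconstructor\s*\(([^)]*)\)[^{]*\{", source)
    if m is None:
        raise ValueError("no constructor found")
    depth, i = 1, m.end()
    while depth and i < len(source):  # walk to the matching closing brace
        depth += {"{": 1, "}": -1}.get(source[i], 0)
        i += 1
    return m.group(1), source[m.end():i - 1]

def unchecked_address_params(source):
    """Names of address-like constructor parameters lacking a non-zero check."""
    params, body = constructor_parts(source)
    missing = []
    for decl in filter(None, (p.strip() for p in params.split(","))):
        type_name, name = decl.split()[0], decl.split()[-1]
        if NON_ADDRESS.match(type_name) or "[" in type_name:
            continue  # value types and arrays are out of scope for this check
        # Matches `name != address(0)` and `address(name) != address(0)`.
        check = r"(?<!\w)" + re.escape(name) + r"\s*\)?\s*!=\s*address\s*\(\s*0\s*\)"
        if not re.search(check, body):
            missing.append(name)
    return missing

# Constructor as quoted in the exhibit.
FLAGGED = """
constructor(IFactory _factory, IPassiveIncomeNFT _passiveNft, RevenueShare _revenueShare) {
    require(address(_factory) != address(0), "FP 0");
    factory = _factory;
    passiveNft = _passiveNft;
    revenueShare = _revenueShare;
}
"""

# Constructed sample of a sanitized variant; the two added checks and their
# revert strings are placeholders, not the project's actual fix.
SANITIZED = FLAGGED.replace(
    "factory = _factory;",
    'require(address(_passiveNft) != address(0), "PLACEHOLDER 1");\n'
    '    require(address(_revenueShare) != address(0), "PLACEHOLDER 2");\n'
    "    factory = _factory;",
)
```

Run against the quoted constructor, `unchecked_address_params` reports `_passiveNft` and `_revenueShare`; against the constructed sanitized variant it reports nothing.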