EthPool Manual Review Findings

EPL-01M: Unsanitized State Transition

Description:

The setEventSend function should only set the _eventSend value to true when the values of the destinations struct have been set.

Example:

Copy
229function setEventSend(bool _eventSendSet) external override onlyOwner {
230    _eventSend = _eventSendSet;
231
232    emit EventSendSet(_eventSendSet);
233}

Recommendation:

We advise such sanitization to be imposed via corresponding require checks as otherwise almost all functions will become inexecutable.

Alleviation:

The function can now only be executed when the destinations.destinationOnL2 value has been set.