Platform: Code4rena
Start Date: 10/03/2022
Pot Size: $75,000 USDT
Total HM: 25
Participants: 54
Period: 7 days
Judge: pauliax
Total Solo HM: 10
Id: 97
League: ETH
Rank: 47/54
Findings: 1
Award: $119.00
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: hickuphh3
Also found by: 0v3rf10w, 0x1f8b, 0xDjango, 0xNazgul, 0xngndev, 0xwags, Cantor_Dust, CertoraInc, Dravee, IllIllI, PPrieditis, Ruhum, TerrierLover, WatchPug, XDms, benk10, berndartmueller, bitbopper, catchup, cmichel, cryptphi, csanuragjain, danb, defsec, gzeon, hagrid, hubble, jayjonah8, kenta, kyliek, minhquanym, rfa, robee, saian, samruna, throttle, ye0lde, z3s
119.0033 USDT - $119.00
Hello, I am a new warden and apologize for any mistakes, this is only one low report (probably found by others too) and I will keep it simple and concise.
LOW FINDING _to parameter unchecked for zero address
In LiquidityFarming.sol, inside the functions _sendRewardsForNft, deposit and extractRewards (lines 122, 196, 229), there is no check to validate that _to argument is not an empty address 0x0, this to prevent accidental withdrawals for the user with a loss of funds.
Resolution: I would suggest to add one require (_to != address(0)) like in the function reclaimTokens (line 180, 185)