Platform: Code4rena
Start Date: 14/04/2022
Pot Size: $75,000 USDC
Total HM: 8
Participants: 72
Period: 7 days
Judge: Jack the Pug
Total Solo HM: 2
Id: 110
League: ETH
Rank: 58/72
Findings: 1
Award: $91.39
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0v3rf10w, 0x1f8b, 0xDjango, 0xkatana, AmitN, CertoraInc, Dravee, Funen, Hawkeye, Jujic, MaratCerby, Picodes, Ruhum, SolidityScan, TerrierLover, TomFrenchBlockchain, TrungOre, VAD37, Yiko, berndartmueller, cmichel, csanuragjain, danb, defsec, delfin454000, dipp, ellahi, fatherOfBlocks, georgypetrov, gs8nrv, gzeon, horsefacts, hubble, hyh, ilan, jah, joestakey, kebabsec, kenta, kyliek, m9800, minhquanym, oyc_109, p_crypt0, peritoflores, rayn, reassor, remora, rfa, robee, scaraven, securerodd, shenwilly, sorrynotsorry, tchkvsky, teryanarmen, z3s
91.3943 USDC - $91.39
claim functionExternal function claim#StackedCitadelVester.solis missing zero-address check for the parameter recipient . User could accidentally burn vestingTokens by transfering them to zero-address.
Add
require(recipient =! address(0))
Function clearCitadelPriceFlag#Funding.sol is missing an event after setting the parameter
citadelpriceFlag to false.
This is important as users will be unaware and can call the public function deposit#Funding.sol that will revert and will spend gas unnecessarily.
Add event
Functions setStrategist, setKeeper and setGovernance lack even emission after those variables are set. Consider adding new events and emit them at the end of every function.