Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Ethena>Low findings>Lack of input validation
GeneralOverview
Findings
Medium (1)
Low (1)Lack of input validation
DiscussionGas optimizations
Threat ModelsWhat are threat models?AstEth.solEUSDAToken.solEUSDVariableDebtToken.solEthenaMinting.solEthenaStaking.solStEthVariableDebtToken.sol
Audit ResultsSummary
Category: Coding Mistakes

Lack of input validation

Low Severity
Low Impact
Low Likelihood

Description

The following functions lack input validation.

  • The addSupportedAsset function lacks a check that the _assets is not zero address.

  • The addSupportedAsset function lacks a check that _asset has been already added.

  • The removeSupportedAsset function lacks a check that the _supportedAssets contains the _asset address.

Impact

If important input parameters are not checked, it can result in functionality issues and unnecessary gas usage and can even be the root cause of critical problems. It is crucial to properly validate input parameters to ensure the correct execution of a function and to prevent unintended consequences.

Recommendations

Consider adding require statements and necessary checks to the above functions.

Remediation

Ethena Labs acknowledged this finding and implemented a fix in commit df19a0d3.

Zellic © 2024Back to top ↑