Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Spectral Modelers>Discussion>Insufficient testing
GeneralOverview
Findings
Critical (1)
High (2)
Medium (3)
Low (1)
Informational (1)
DiscussionReturn of staked tokensInsufficient testingMissing zero-address check in `setAdmin`
Threat ModelWhat are threat models?BeaconProxyDeployer.solCompetition.solCompetitionFactory.solModeler.solServiceAgreement.sol
Audit ResultsSummary

Insufficient testing

In the current project, a significant portion of the issues, including bugs, security vulnerabilities, and functional inconsistencies can be traced back to inadequate testing practices. We addressed such issues in the Threat Model section (). Comprehensive testing is essential to ensure the correctness and security of the system. Either code coverage or negative testing is a good way to trigger bugs directly (e.g., the out-of-bound issue).

Moreover, the upgradeability of the protocol is not thoroughly tested. The current test suite does not extensively cover the upgradeability of the protocol, a component which is essential for the protocol to be production-ready. As the upgradeability of the protocol is a critical component, requiring a relatively high level of confidence, we recommend that the protocol be thoroughly tested in this regard.

Zellic © 2024Back to top ↑