Add assumptions and acknowledgments #44
Conversation
MerlinEgalite
requested review from
Rubilmax,
Jean-Grimal,
QGarchery,
peyha and
MathisGD
and removed request for
a team
Co-authored-by: Romain Milon <[email protected]> Signed-off-by: Merlin Egalite <[email protected]>
| /// - Feeds are set in the correct order. | ||
| /// - Decimals passed as argument are correct. |
There was a problem hiding this comment.
to me it's useless, it's like we can also add "the contract should be deployed"
| /// - Feeds are set in the correct order. | |
| /// - Decimals passed as argument are correct. |
There was a problem hiding this comment.
it's like we can also add "the contract should be deployed"
That's different. it reminds deployers what they should care about those params and it acknowledges to auditors that we don't check it (but we don't forget that this is important for a good setup).
It's closer to your mom saying "you should put your seatbelt". Ofc you know that you should do it but forgetting once could kill you.
PS: if we can reduce by 1% the hundreds of issues raised during the competition I would be happy
There was a problem hiding this comment.
it reminds deployers what they should care about those params
but it's always like that no? in which contract don't we care about the constructor parameter.
PS: if we can reduce by 1% the hundreds of issues raised during the competition I would be happy
what report does it prevent (honestly idk)?
There was a problem hiding this comment.
In other contracts we make sure we list the assumptions or do the check though.
what report does it prevent (honestly idk)?
- lack of sanity checks
- decimals set as input can be incorrect
- feeds might not give the expected output
- ...
Co-authored-by: Jean-Grimal <[email protected]> Signed-off-by: Merlin Egalite <[email protected]>
Fixes https://github.com/cantinasec/review-morpho-blue-1/issues/72