Last updated: December 19, 2024
SCSTG-TEST-0002: Identity Verification Test
Validate that unexpected addresses do not result in unintended behaviors, particularly when these addresses refer to contracts within the same protocol.
- Ensure that when interacting with contracts, unexpected addresses are properly validated before performing sensitive operations.
require(address(contract) != address(0), "Invalid address");
Verify that functions like ecrecover handle all potential null addresses properly to avoid vulnerabilities arising from unexpected ecrecover outputs.
- Ensure that ecrecover does not process empty or null addresses.
address recovered = ecrecover(messageHash, v, r, s);
require(recovered != address(0), "Invalid signature");