Audit finding: CR-1
Source: audit/2026-03-14-01 triage #76 (CodeRabbit PR #2512)
LibGenericPoolExchange.exchange() decodes spender and pool addresses from calldata without validating they are not address(0). A zero address would cause silent failures in the approval and function call.
File: src/lib/LibGenericPoolExchange.sol
Audit finding: CR-1
Source:
audit/2026-03-14-01triage #76 (CodeRabbit PR #2512)LibGenericPoolExchange.exchange()decodesspenderandpooladdresses from calldata without validating they are notaddress(0). A zero address would cause silent failures in the approval and function call.File:
src/lib/LibGenericPoolExchange.sol