Lack of event emission after sensitive actions The _getLatestFundingRate function of the FundingRateApplier contract does not emit relevant events after executing the sensitive actions of setting the fundingRate, updateTime and proposalTime, and transferring the rewards.
Consider emitting events after sensitive changes take place, to facilitate tracking and notify off-chain clients following the contract’s activity.
- OpenZeppelin Audit UMA Finding M01
- Auditing & Logging
- Medium Severity
- Sensitive Actions
- No Events
- Events -> Offchain Tracking
- Youtube Reference
- Medium Risk severity finding from OpenZeppelin’s Audit of UMA Phase 4