incorrect message signer check in ecrecover() and no validation for oracleSigner which would cause all the unsigned messagess to be considered asvalid ones

Lines of code Vulnerability details Impact address oracleSigner has been used to verify signed messages by comparing the return value of ecrecover by oracleSigner. but the return value of ecrecover would be 0x0 and code doesn't check that return value is not 0x0. if owner set oracleSigner as 0x0 ...

No check if 'ecrecover()' fails

Lines of code Vulnerability details Impact addMember function makes a call to 'ecrecover' to grab the 'community owner' & 'new member'. The problem is that if 'ecrecover' fails it will return a 0 which is currently not guarded against. This was a problem in the famous Polygon Matic token bug. The...