Vault/Asset Identifier Mismatch Detection

[gbrigandi]

Static analysis fails to detect when vault identifiers are confused with asset identifiers. In DeFi protocols, mixing up vault contract addresses with underlying asset addresses can lead to funds being sent to wrong contracts or accessing incorrect mappings.
Analysis should identify instances where vault addresses are treated as ERC20 tokens or asset addresses are used in vault-specific functions. This prevents critical vulnerabilities in protocols where identifier confusion could compromise user funds.