Wrong validation checks

• The processPayment() performs validation checks for validAfter and validUntil properties but these checks are already performed in the initiatePayment() function that executes processPayment().

• When registering a subscription _validUntil should be enforced to be larger than _validAfter which is set to block.timestamp, to ensure that the newly created subscription is valid.

• When registering a subscription in the createSubscription() function in the SubExecutor.sol contract there is a zero-address check for the amount but this check is already performed in the registerSubscription() function in Initiator.sol contract which is executed internally.

/// @notice Initiates a payment for a given subscriber
/// @param _subscriber Address of the subscriber
/// @dev This function ensures that the subscription is active and the
///       payment interval has been reached
function initiatePayment(address _subscriber) public nonReentrant {
  require(subscription.validUntil > block.timestamp, "Subscription is not active");
  require(subscription.validAfter < block.timestamp, "Subscription is not active");
}

Redundant gas usage on every payment call, and a missing invariant check that allows nonsensical subscriptions with validUntil <= validAfter to be registered.

• Consider removing the duplicated validation checks:

  diffCopy

  function initiatePayment(address _subscriber) public nonReentrant {
  - require(subscription.validUntil > block.timestamp, "Subscription is not active");
  - require(subscription.validAfter < block.timestamp, "Subscription is not active");
  }
  
  - require(_amount > 0, "Subscription amount is 0");

• Add the following validation check in the registerSubscription() function, and consider setting a minimum subscription's validity period as well:

  diffCopy

  + require(_validUntil > _validAfter, "Wrong subscription's timestamp validity");

Team Response: Acknowledged and fixed as suggested.