Description
Anyone can re-initialize the trader contract to gain administrator privileges and steal the contract balance.
The initialize function does not restrict how many times it can be called.
Additionally, it does not verify that the admin address passed as a parameter matches the existing contract administrator address, if it was set.
Recommendation
Make sure the initialize function can only be called once, similarly to what the pool contracts do.
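The one-time guard recommended above, next to the unguarded behaviour the finding describes, as an added example that is not the audited project's code. The page does not name the contract platform, so this is a plain-Rust model of contract state; `Trader`, `Error`, `initialize_unguarded`, `deposit` and `withdraw_all` are hypothetical names, and caller authentication is reduced to a string comparison.

```rust
// Plain-Rust model of a contract's persistent state (constructed for illustration).
// All type and function names are hypothetical, not taken from the audited code.
#[derive(Debug, PartialEq)]
pub enum Error { AlreadyInitialized, NotInitialized, Unauthorized }

#[derive(Default)]
pub struct Trader {
    admin: Option<String>, // None until the first successful initialize
    balance: u64,
}

impl Trader {
    /// Behaviour described in the finding: every call overwrites the stored admin.
    pub fn initialize_unguarded(&mut self, admin: &str) {
        self.admin = Some(admin.to_string());
    }

    /// Recommended behaviour: the first call sets the admin, later calls fail
    /// and leave the stored admin untouched.
    pub fn initialize(&mut self, admin: &str) -> Result<(), Error> {
        if self.admin.is_some() {
            return Err(Error::AlreadyInitialized);
        }
        self.admin = Some(admin.to_string());
        Ok(())
    }

    pub fn deposit(&mut self, amount: u64) {
        self.balance += amount;
    }

    /// Admin-only withdrawal of the whole balance; `caller` stands in for an
    /// authenticated address (assumption of this model).
    pub fn withdraw_all(&mut self, caller: &str) -> Result<u64, Error> {
        match self.admin.as_deref() {
            None => Err(Error::NotInitialized),
            Some(a) if a != caller => Err(Error::Unauthorized),
            Some(_) => Ok(std::mem::take(&mut self.balance)),
        }
    }
}

fn main() {
    let mut t = Trader::default();
    t.initialize("admin").unwrap();
    t.deposit(100);
    println!("second initialize: {:?}", t.initialize("other"));
}
```

A regression test for the fix should call `initialize` twice and check both the error and that the stored admin is unchanged.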