Open code423n4 opened 3 years ago
This is technically correct, however, having a context that admin role is only temporary and will be moved to governance in the near future, I don't consider this as an issue. Especially that Comptroller
is using a proxy pattern so admin can always change the implementation at will. I consider this a non-critical issue.
I'm rating this a non-critical issue, as the Comptroller
using a proxy pattern would make this change redundant.
Handle
@cmichelio
Vulnerability details
Vulnerability Details
Admins can change the
comp=blo
address using_setCompAddress
and stop pending payouts using_dropCompMarket
.Impact
The allotted rewards of the users may not be paid out anymore due to admins changing the reward token (
comp
) address. Privileged admin roles make the protocol less predictable for users leading to hesitance and lost opportunity costs whenRecommended Mitigation Steps
Only set the
comp/blo
address if it has not been set already. Distribute the rewards up to now before cancelling rewards using_dropCompMarket
.