code-423n4 / 2021-04-maple-findings

Inconsistent NatSpec comment in StakeLocker.sol #47

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

0xRajeev

Vulnerability details

Impact

Function _isValidAdminOrPoolDelegate() is not about pause/unpause but about msg.sender being valid Admin or Pool Delegate, which is used by pause/unpause in StakeLocker.sol.

Therefore, the NatSpec comment for this function is incorrect: @dev Function to determine if msg.sender is eligible to trigger pause/unpause.

Proof of Concept

https://github.com/maple-labs/maple-core/blob/355141befa89c7623150a83b7d56a5f5820819e9/contracts/StakeLocker.sol#L295-L300

Tools Used

Manual Analysis

Recommended Mitigation Steps

Change @dev NatSpec comment to correctly indicate the functionality of _isValidAdminOrPoolDelegate().

lucas-manuel commented 3 years ago

Not going to address this