code-423n4 / 2021-11-badgerzaps-findings

0 stars 0 forks source link

`setGuardian` incorrectly set governance in SettToRenIbbtcZap.sol #75

Closed code423n4 closed 2 years ago

code423n4 commented 3 years ago

Handle

gzeon

Vulnerability details

Impact

setGuardian incorrectly set governance in SettToRenIbbtcZap.sol

Proof of Concept

https://github.com/Badger-Finance/badger-ibbtc-utility-zaps/blob/a5c71b72222d84b6414ca0339ed1761dc79fe56e/contracts/SettToRenIbbtcZap.sol#L132


        _onlyGovernance();
        governance = _guardian;
    }```

## Tools Used

## Recommended Mitigation Steps
GalloDaSballo commented 3 years ago

Agree, there' s a bunch of duplicates for this, I think #31 #10 and a few more I don't remember

CloudEllie commented 3 years ago

Also #25 (potentially), based on the comments I've seen

0xleastwood commented 2 years ago

duplicate of #51