Missing zero address validation on setRebalanceManager function

[code423n4]

Handle

Dravee

Vulnerability details

Impact

Losing forever the onlyRebalanceManager privilege

Proof of Concept

A zero address validation is missing on the setRebalanceManager function in the following contracts:

• RebalanceManager.sol
• RebalanceManagerV2.sol
• RebalanceManagerV3.sol

Tools Used

VS Code

[loki-sama]

Setting to any unintended value would have the same effect.

[0xleastwood]

Not an issue, marking as non-critical.