Many contracts have an ExecuteMsg::UpdateConfig message that allows the owner to overwrite important config data.
Overwriting it can break the functionality of the contract.
For example, changing config.token_address makes anchor_basset_hub.unbond impossible.
This is a centralization risk: a malicious or compromised owner can cause a large impact, and that impact is avoidable.
Recommended Mitigation Steps
Important config parameters that break core functionality on change should be immutable.
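One way to apply this mitigation, shown as an added example in plain Rust rather than the Anchor contract code: the update handler lets a core address be set once and rejects any later change, while tunable parameters stay updatable. All type, field and function names (Config, UpdateConfig, fee_bps, update_config) are hypothetical, and the sample addresses are constructed.

```rust
// Added illustration, not the Anchor code. All names are hypothetical.
#[derive(Debug, Clone, PartialEq)]
pub struct Config {
    pub owner: String,
    pub token_address: Option<String>, // core dependency: set once, then frozen
    pub fee_bps: u16,                  // tunable parameter: may change later
}

#[derive(Debug, Default)]
pub struct UpdateConfig {
    pub token_address: Option<String>,
    pub fee_bps: Option<u16>,
}

#[derive(Debug, PartialEq)]
pub enum ConfigError {
    Unauthorized,
    ImmutableField(&'static str),
    InvalidFee,
}

/// Returns the new config, or an error that leaves the old config untouched.
pub fn update_config(cfg: &Config, sender: &str, msg: UpdateConfig) -> Result<Config, ConfigError> {
    if sender != cfg.owner {
        return Err(ConfigError::Unauthorized);
    }
    let mut next = cfg.clone();
    if let Some(addr) = msg.token_address {
        match &cfg.token_address {
            None => next.token_address = Some(addr), // first initialisation only
            Some(cur) if *cur == addr => {}          // same value: harmless no-op
            Some(_) => return Err(ConfigError::ImmutableField("token_address")),
        }
    }
    if let Some(fee) = msg.fee_bps {
        if fee > 10_000 {
            return Err(ConfigError::InvalidFee);
        }
        next.fee_bps = fee;
    }
    Ok(next)
}

fn main() {
    // Constructed sample values.
    let cfg = Config { owner: "owner".into(), token_address: Some("token1".into()), fee_bps: 10 };
    let swap = UpdateConfig { token_address: Some("token2".into()), ..Default::default() };
    println!("{:?}", update_config(&cfg, "owner", swap)); // Err(ImmutableField("token_address"))
}
```

Because the handler builds the new config on a copy and returns it only on success, a message that mixes a forbidden change with a permitted one is rejected as a whole.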
Lines of code
https://github.com/code-423n4/2022-02-anchor/blob/7af353e3234837979a19ddc8093dc9ad3c63ab6b/contracts%2Fanchor-bAsset-contracts%2Fcontracts%2Fanchor_basset_hub%2Fsrc%2Funbond.rs#L134