code-423n4 / 2022-05-bunker-findings

QA Report #72

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Low severity findings

Through my audit of this project I have found 2 low priority findings that I think are worth calling out:

  1. The borrow guardian is incorrectly set to "not-paused", in direct conflict with the comment above (see here). The code should be corrected to:

     borrowGuardianPaused[address(cNft)] = true;

  2. _changeAdmin in Comptroller here should have a require statement to guard against the 0 address (require(newAdmin != address(0))) and ideally should have a propose-accept pattern to protect against assigning admin rights to the wrong address by accident.

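
The zero-address guard and propose-accept pattern suggested in the second finding, as an added example that is not part of the report or of Bunker's code. The contract, function and event names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Hypothetical contract illustrating a two-step admin transfer.
/// It is not the project's Comptroller; all names here are assumptions.
contract TwoStepAdmin {
    address public admin;
    address public pendingAdmin;

    event AdminProposed(address indexed currentAdmin, address indexed proposedAdmin);
    event AdminChanged(address indexed oldAdmin, address indexed newAdmin);

    constructor() {
        admin = msg.sender;
    }

    modifier onlyAdmin() {
        require(msg.sender == admin, "not admin");
        _;
    }

    /// Step 1: the current admin nominates a successor. Admin rights do not move yet.
    function proposeAdmin(address newAdmin) external onlyAdmin {
        require(newAdmin != address(0), "zero address");
        pendingAdmin = newAdmin;
        emit AdminProposed(admin, newAdmin);
    }

    /// Step 2: the nominee must call from the proposed address, which proves
    /// the address is controlled by someone before rights are handed over.
    function acceptAdmin() external {
        require(msg.sender == pendingAdmin, "not pending admin");
        address oldAdmin = admin;
        admin = pendingAdmin;
        pendingAdmin = address(0);
        emit AdminChanged(oldAdmin, admin);
    }

    /// The admin can withdraw a mistaken proposal before it is accepted.
    function cancelProposal() external onlyAdmin {
        pendingAdmin = address(0);
    }
}
```

A mistyped address passed to proposeAdmin cannot call acceptAdmin, so the existing admin keeps control and can cancel or re-propose.
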
bunkerfinance-dev commented 2 years ago

This report was useful to us.

gzeoneth commented 2 years ago

Nice catch re:borrowGuardianPaused