Through my audit of this project I have found 2 low priority findings that I think are worth calling out:
The borrow guardian is incorrectly set to "not-paused", in direct conflict to the comment above (see here). The code should be corrected to:
borrowGuardianPaused[address(cNft)] = true;
_changeAdmin in Comptroller here should have a require statement to guard against the 0 address (require(newAdmin != address(0)) and ideally should have a propose-accept pattern to protect against assigning admin rights to the wrong address by accident
Low severity findings
Through my audit of this project I have found 2 low priority findings that I think are worth calling out:
_changeAdmin
in Comptroller here should have a require statement to guard against the 0 address (require(newAdmin != address(0))
and ideally should have a propose-accept pattern to protect against assigning admin rights to the wrong address by accident