If the incorrect address is mistakenly supplied to setAdmin, the Lender.sol contract would be completely compromised since functions such as approve could cause a lot of damage.
Recommmended Mitigation Steps
Consider using a proposeAdmin function that sets a pending admin and a acceptAdminfunction for the pending admin to accept the admin role.
A user can pass a malicious contract e into the element lend function which returns any amount. The returned purchased amount is then emitted and returned by the lend function. This could lead to undesirable behaviour depending on how the emitted and return values are used.
Recommmended Mitigation Steps
Check the amount of PT gained from the swap by comparing the purchased value to the difference in balance before and after the swap.
1. Setting a new admin should be a 2-step process
Line References
Lender.sol#L129-L132
Impact
If the incorrect address is mistakenly supplied to
setAdmin, theLender.solcontract would be completely compromised since functions such asapprovecould cause a lot of damage.Recommmended Mitigation Steps
Consider using a
proposeAdminfunction that sets a pending admin and aacceptAdminfunction for the pending admin to accept the admin role.2. Element pool
eis not validatedLine References
Lender.sol#L362
Impact
A user can pass a malicious contract
einto the elementlendfunction which returns any amount. The returnedpurchasedamount is then emitted and returned by thelendfunction. This could lead to undesirable behaviour depending on how the emitted and return values are used.Recommmended Mitigation Steps
Check the amount of PT gained from the swap by comparing the
purchasedvalue to the difference in balance before and after the swap.