If the incorrect address is mistakenly supplied to setAdmin, the Lender.sol contract would be completely compromised since functions such as approve could cause a lot of damage.
Recommmended Mitigation Steps
Consider using a proposeAdmin function that sets a pending admin and a acceptAdminfunction for the pending admin to accept the admin role.
A user can pass a malicious contract e into the element lend function which returns any amount. The returned purchased amount is then emitted and returned by the lend function. This could lead to undesirable behaviour depending on how the emitted and return values are used.
Recommmended Mitigation Steps
Check the amount of PT gained from the swap by comparing the purchased value to the difference in balance before and after the swap.
1. Setting a new admin should be a 2-step process
Line References
Lender.sol#L129-L132
Impact
If the incorrect address is mistakenly supplied to
setAdmin
, theLender.sol
contract would be completely compromised since functions such asapprove
could cause a lot of damage.Recommmended Mitigation Steps
Consider using a
proposeAdmin
function that sets a pending admin and aacceptAdmin
function for the pending admin to accept the admin role.2. Element pool
e
is not validatedLine References
Lender.sol#L362
Impact
A user can pass a malicious contract
e
into the elementlend
function which returns any amount. The returnedpurchased
amount is then emitted and returned by thelend
function. This could lead to undesirable behaviour depending on how the emitted and return values are used.Recommmended Mitigation Steps
Check the amount of PT gained from the swap by comparing the
purchased
value to the difference in balance before and after the swap.