c4-judge
commented
1 year ago dmvt marked the issue as duplicate of #54
Closed c4-judge closed 1 year ago
c4-judge
commented
1 year ago dmvt marked the issue as duplicate of #54
c4-judge
commented
1 year ago dmvt marked the issue as satisfactory
Judge has assessed an item in Issue #313 as M risk. The relevant finding follows:
[L-07] centralization risks The owner address of PoolAddressesProvider contract has control over many dangerous functions. Such as:
setAddressAsProxy, setPoolConfiguratorImpl and updatePoolImpl which are responsable for setting the pool diamon proxy implementation
setPriceOracle setPriceOracleSentinel: for settings the used oracle for the protocol prices
setACLAdmin: for setting the access control administration
All mentioned functions should have a time lock for the users to have more confidence in the protocol.