Changing epochDuration messes up the protocol. It can result in user's deposit to be saved under the wrong epoch.
Proof of Concept
Lets say epoch length is 10 seconds and userA makes a deposit (requestMint) in the second second. User has therefore made a deposit in the first epoch, however, if admin in the next second sets epoch duration to 1 second and then in 4th second another user calls requestMint, then he changes the current epoch to 4th and resulting in userA's deposit being saved in the wrong epoch (1st indtead of 2nd).
Time frame:
1st second
2nd second: UserA makes a deposit
3rd second: Admin changes epoch duration to 1 second from 10 second
4th second: UserB makes a deposit which calls transitionEpoch and changes epoch order
Such change can result in user's deposits being mixed up or lost.
Tools Used
Manual review
Recommended Mitigation Steps
Don't allow epochDuration changes, since it messes up historic records.
Lines of code
https://github.com/code-423n4/2023-01-ondo/blob/f3426e5b6b4561e09460b2e6471eb694efdd6c70/contracts/cash/CashManager.sol#L546-L552
Vulnerability details
Impact
Changing epochDuration messes up the protocol. It can result in user's deposit to be saved under the wrong epoch.
Proof of Concept
Lets say epoch length is 10 seconds and userA makes a deposit (requestMint) in the second second. User has therefore made a deposit in the first epoch, however, if admin in the next second sets epoch duration to 1 second and then in 4th second another user calls requestMint, then he changes the current epoch to 4th and resulting in userA's deposit being saved in the wrong epoch (1st indtead of 2nd).
Time frame:
Such change can result in user's deposits being mixed up or lost.
Tools Used
Manual review
Recommended Mitigation Steps
Don't allow epochDuration changes, since it messes up historic records.