Closed code423n4 closed 1 year ago
trust1995 marked the issue as grade-c
Upgrades will follow pattern used here
Modifications to the parent contracts should not be made as this will violate the storage layout set forth in the initial implementation. We are not intending to upgrade any of the parent contracts of their respective cToken child's.
cashManager
has no funds unsure what calls could be made (Aside from minting from CASH token [In which case we would upgrade CASH token and decrement malicious users balances]). We assume nonMalicious action on the part of accounts w/ admin roles . This POC is uninteresting w/o POC related to gaining access to the managerAdmin
role.
See the markdown file with the details of this report here.