There is no implementation of a function in the VaultController that calls the setQuitPeriod() function. There is therefore no way to change the quitPeriod().
Proof of Concept
Vault are suppoed to be able to have a quitPeriod of 1-7 days. Since no function in the VaultController has been implemented to call the quitPeriod can not be changed.
Being able to change the quitPeriod is an important functionality. Extending it is an important security feature that is needed if dangerous or contentious changes are proposed.
Tools Used
manual review
Recommended Mitigation Steps
Add a function to the VaultController that calls the setQuitPeriod().
Lines of code
https://github.com/code-423n4/2023-01-popcorn/blob/d95fc31449c260901811196d617366d6352258cd/src/vault/Vault.sol#L629
Vulnerability details
Impact
There is no implementation of a function in the VaultController that calls the
setQuitPeriod()
function. There is therefore no way to change thequitPeriod()
.Proof of Concept
Vault are suppoed to be able to have a
quitPeriod
of 1-7 days. Since no function in the VaultController has been implemented to call thequitPeriod
can not be changed.Being able to change the
quitPeriod
is an important functionality. Extending it is an important security feature that is needed if dangerous or contentious changes are proposed.Tools Used
manual review
Recommended Mitigation Steps
Add a function to the VaultController that calls the
setQuitPeriod()
.