Several critical functions like createPoolD650E2D0(), collectProtocol7540FA9F(), enablePool579DA658() etc. don't have any access control checks. They simply delegate the call to the admin executor contract without verifying if the caller has the appropriate permissions.
Any external actor could call these admin functions and potentially manipulate critical protocol parameters if the admin executor contract doesn't implement proper access controls. This could lead to unauthorized pool creation, fee collection, enabling/disabling pools etc.
Lines of code
https://github.com/code-423n4/2024-08-superposition/blob/4528c9d2dbe1550d2660dac903a8246076044905/pkg/sol/SeawaterAMM.sol#L160-L168
Vulnerability details
Vulnerability Details
Several critical functions like createPoolD650E2D0(), collectProtocol7540FA9F(), enablePool579DA658() etc. don't have any access control checks. They simply delegate the call to the admin executor contract without verifying if the caller has the appropriate permissions.
Link To Code
Impact
Any external actor could call these admin functions and potentially manipulate critical protocol parameters if the admin executor contract doesn't implement proper access controls. This could lead to unauthorized pool creation, fee collection, enabling/disabling pools etc.
Proof of Concept
Tools Used
Manual Review
Recommended Mitigation Steps
Add access control checks in the SeawaterAMM contract before delegating admin calls:
Assessed type
Access Control