hats-finance / Fenix-Finance-0x83dbe5aa378f3ce160ed084daf85f621289fb92f


Different access control in similar functions #4

Open hats-bug-reporter[bot] opened 7 months ago

hats-bug-reporter[bot] commented 7 months ago

Github username: @https://github.com/Pavel2202

Twitter username: https://twitter.com/timenov_pavel

Submission hash (on-chain): 0x123777fe182d065a7920404d2fbf4db791dbbc1d1c90727b537a07b895803444

Severity: low

Description: In BribeFactory.sol there are 2 functions called addRewards. The first can be called only by the owner, but the second can be called by both the owner and the voter. Consider allowing the voter to call the first function or disallowing him from calling the second.

https://github.com/Satsyxbt/Fenix/blob/7b81d318fd9ef6107a528b6bd49bb9383e1b52ab/contracts/bribes/BribeFactoryUpgradeable.sol#L85-L103

Attack Scenario: Describe how the vulnerability can be exploited.

Attachments

  1. Proof of Concept (PoC) File

  2. Revised Code File (Optional)

BohdanHrytsak commented 7 months ago

Thank you for the submission.

This distribution of accesses was intended from the beginning in the contracts we inherit. Although it looks strange now that Voter doesn't call any methods, it also doesn't cause any ill effect.
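A review aid for the pattern reported in this issue, added here as an example and not taken from the Fenix repository or from either commenter: it groups Solidity function overloads by name and flags names whose overloads carry different access modifiers. The sample contract and the modifier name `onlyAllowed` are constructed for illustration, and the check assumes access control is expressed as modifiers in the function header; checks done with `require` or internal calls inside the body are not seen.

```python
import re
from collections import defaultdict

# Constructed sample, NOT the Fenix source: two overloads of one function
# name guarded by different (hypothetical) modifiers, as the report describes.
SAMPLE = """
contract BribeFactoryExample {
    function addRewards(address token, address[] memory bribes) external onlyOwner {
        // ...
    }
    function addRewards(address[][] memory tokens, address[] memory bribes) external onlyAllowed {
        // ...
    }
    function setVoter(address voter) external onlyOwner {
    }
    function length() external view returns (uint256) {
    }
}
"""

# Header of a function definition up to its body or terminating semicolon.
FUNC_RE = re.compile(r"function\s+(\w+)\s*\(([^)]*)\)([^{;]*)[{;]")
# Words in the header tail that are language keywords, not access modifiers.
KEYWORDS = {"external", "public", "internal", "private", "view", "pure",
            "payable", "virtual", "override", "returns"}

def modifiers(tail):
    """Return the custom modifiers named in a function header tail."""
    tail = re.sub(r"returns\s*\([^)]*\)", " ", tail)   # drop the return list
    tail = re.sub(r"\([^)]*\)", " ", tail)             # drop modifier arguments
    return frozenset(w for w in re.findall(r"[A-Za-z_]\w*", tail) if w not in KEYWORDS)

def divergent_overloads(source):
    """Map each overloaded name whose overloads use different modifier sets
    to the sorted list of those sets."""
    seen = defaultdict(list)
    for name, _params, tail in FUNC_RE.findall(source):
        seen[name].append(modifiers(tail))
    return {name: sorted(sorted(m) for m in set(mods))
            for name, mods in seen.items()
            if len(mods) > 1 and len(set(mods)) > 1}

if __name__ == "__main__":
    for name, mods in divergent_overloads(SAMPLE).items():
        print(f"{name}: overloads guarded differently: {mods}")
```

A flagged name is a prompt for review, not a finding by itself: as the maintainer's reply shows, the difference can be intentional.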