hats-finance / Kintsu-0x7d70f9442af3a9a0a734fa6a1b4857f25518e9d2

Smart contracts for Kintsu

`NominationAgent` contract lack of transfer admin function #22

Open hats-bug-reporter[bot] opened 1 month ago

hats-bug-reporter[bot] commented 1 month ago

Github username: --
Twitter username: --
Submission hash (on-chain): 0x8e1572818c9fca0d1e2df16885861ef4c0bfc65c1615bfbf48cee89fc44b4e9b
Severity: low

Description:

NominationAgent has an admin variable which is set in the constructor

File: lib.rs

```rust
pub fn new(vault_: AccountId, admin_: AccountId, pool_id_: u32) -> Self {
    NominationAgent {
        vault: vault_,
        admin: admin_,
        pool_id: pool_id_,
        staked: 0,
    }
}
```

This admin can upgrade the contract, as there is a set_code function.

Looking at how the vault contract is designed, the upgrade (set_code) can be done by role_owner, and if we look at the contract, there is a function transfer_role_owner to transfer this ownership.

Unlike the vault, this NominationAgent contract lacks this admin ownership transfer function.

One can argue to just create another one and withdraw and unbond the agent holding, but this may be cumbersome if it is required to change all nomination agents when their number is large enough; moreover, it can disrupt the functionality temporarily. Thus having a transfer admin function is reasonable.

Attack Scenario

Attachments

  1. Proof of Concept (PoC) File

  2. Revised Code File (Optional)

Recommendation

Consider implementing a transfer admin function in NominationAgent.
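An added sketch of the recommended function, not part of the original report and not Kintsu's code: a plain-Rust model (no ink! dependency) in which only the current admin can hand over the role, and upgrade authority follows the new admin. Assumptions: `AccountId` is modelled as 32 bytes, `staked` is a `u128`, the caller is passed explicitly, and `transfer_admin`, `can_set_code`, `ensure_admin` and the `AgentError` names are hypothetical.

```rust
// Plain-Rust model of the admin handling discussed in the report; not ink! code.
// Assumption: in an ink! contract `caller` would come from self.env().caller().
type AccountId = [u8; 32];

#[derive(Debug, PartialEq)]
pub enum AgentError {
    NotAdmin, // hypothetical name: caller is not the current admin
    NoChange, // hypothetical name: new admin equals the current admin
}

pub struct NominationAgent {
    pub vault: AccountId,
    pub admin: AccountId,
    pub pool_id: u32,
    pub staked: u128, // assumed type; the report only shows `staked: 0`
}

impl NominationAgent {
    // Same fields as the constructor quoted in the report.
    pub fn new(vault_: AccountId, admin_: AccountId, pool_id_: u32) -> Self {
        NominationAgent { vault: vault_, admin: admin_, pool_id: pool_id_, staked: 0 }
    }

    fn ensure_admin(&self, caller: AccountId) -> Result<(), AgentError> {
        if caller == self.admin { Ok(()) } else { Err(AgentError::NotAdmin) }
    }

    // Stand-in for the check guarding set_code; the upgrade itself is not modelled.
    pub fn can_set_code(&self, caller: AccountId) -> Result<(), AgentError> {
        self.ensure_admin(caller)
    }

    // Only the current admin may transfer the role. Returns the previous admin
    // so the hand-over can be logged or emitted as an event.
    pub fn transfer_admin(&mut self, caller: AccountId, new_admin: AccountId)
        -> Result<AccountId, AgentError> {
        self.ensure_admin(caller)?;
        if new_admin == self.admin { return Err(AgentError::NoChange); }
        Ok(std::mem::replace(&mut self.admin, new_admin))
    }
}

fn main() {
    // Constructed sample accounts.
    let (vault, old, new) = ([1u8; 32], [2u8; 32], [3u8; 32]);
    let mut agent = NominationAgent::new(vault, old, 7);
    assert_eq!(agent.transfer_admin(new, new), Err(AgentError::NotAdmin));
    assert_eq!(agent.transfer_admin(old, new), Ok(old));
    assert_eq!(agent.can_set_code(old), Err(AgentError::NotAdmin));
    println!("admin transferred; upgrade authority follows the new admin");
}
```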

0xmahdirostami commented 1 month ago

Thank you for your submission. Design choice, there is no issue here.

bgibers commented 1 month ago

To complete our design choice of relinquishing power, we will need to transfer the admin