Missing events emissions for onlyAdmin functions that change critical parameters

[hats-bug-reporter[bot]]

Github username: @dinkras Twitter username: dinkras Submission hash (on-chain): 0xfb2488a7f254df68ba07a048a4f84ca275a76c78265edae053b3dfa2e73773f5 Severity: low

Description: Description\ Functions that have the onlyOwner modifier and change critical state variables should emit events.

Events allow capturing the changed parameters so that off-chain tools/interfaces can register such changes with timelocks that allow users to evaluate them and consider if they would like to engage/exit based on how they perceive the changes as affecting the trustworthiness of the protocol or profitability of the implemented financial services.

The alternative of directly querying on-chain contract state for such changes is not considered practical for most users/usages.

Missing events do not promote transparency and if such changes immediately affect users’ perception of fairness or trustworthiness, they could exit the protocol causing a reduction in liquidity which could negatively impact protocol TVL and reputation.

Instances of such functions are:

AllowedRelayers.
    toggleRelayer() 
    toggleRelayersWhitelistEnabled()

BitcoinProver
    updateContractKeys()
    setMinWitnessConfirmations()

VaultBitcoinWallet
    toggleFeesExclusion()
    enableHooks()

Recommendation

Add events to all onlyOwner functions that change critical parameters.

NOTE: Issue applicable to all such instances in inscope contracts

[rotcivegaf]

Informational

[dinkras]

Thanks for the response. Reported the issues because it's a good practice and saw that on old contests it was classified as a valid low. However the sponsors, lead-auditor have the final word and I will respect the final decision.