Use of controller DNGMXVaultController for two separate contracts with different functions
Summary
DNGMXVaultController must be deployed twice to control calls to two separate contracts withdrawPeriphery and depositPeriphery. While this poses no issues, it can be confusing.
Vulnerability Detail
DNGMXVaultController controls calls to the function depositToken(address,address,uint256) of depositPeriphery and to functions redeemToken(address,address,uint256) and withdrawToken(address,address,uint256) of withdrawPeriphery.
It must be deployed twice, one contract for each Perphery.
It can be confusing for someone looking at the chain to have functions for withdrawPeriphery in the controller of depositPeriphery and vice-versa.
Impact
Can be confusing to have a controller which contains checks for functions that are not present in the target integration.
Consider using two different contracts for controlling calls to withdrawPeriphery and to depositPeriphery, each containing only the checks to the functions to be called on the target integration.
Bahurum
informational
Use of controller
DNGMXVaultController
for two separate contracts with different functionsSummary
DNGMXVaultController
must be deployed twice to control calls to two separate contractswithdrawPeriphery
anddepositPeriphery
. While this poses no issues, it can be confusing.Vulnerability Detail
DNGMXVaultController
controls calls to the functiondepositToken(address,address,uint256)
ofdepositPeriphery
and to functionsredeemToken(address,address,uint256)
andwithdrawToken(address,address,uint256)
ofwithdrawPeriphery
. It must be deployed twice, one contract for each Perphery. It can be confusing for someone looking at the chain to have functions forwithdrawPeriphery
in the controller ofdepositPeriphery
and vice-versa.Impact
Can be confusing to have a controller which contains checks for functions that are not present in the target integration.
Code Snippet
https://github.com/sherlock-audit/2023-01-sentiment/blob/main/controller-52/src/rage/DNGMXVaultController.sol#L15-L22
Tool used
Manual Review
Recommendation
Consider using two different contracts for controlling calls to
withdrawPeriphery
and todepositPeriphery
, each containing only the checks to the functions to be called on the target integration.