Wrong modifier is being used in transferTokens() function
Summary
onlyExtension modifier is being used instead of onlyOperator modifier in transferTokens() function
Vulnerability Detail
In BaseManagerV2.soltransferTokens() function incorrect modifier is being used, according to the comments above the function this function is OPERATOR ONLY but if we look at the code and the modifier which is being used is onlyExtension instead of onlyOperator so wrong person will be able to call the function and will be able to transfer the funds which could result in unintended consequences and even loss of funds in worse case
Impact
Unauthorized person will be able to call this function which could result in unintended consequences and even loss of funds in some case scenarios.
BugBusters
high
Wrong modifier is being used in
transferTokens()functionSummary
onlyExtensionmodifier is being used instead ofonlyOperatormodifier in transferTokens() functionVulnerability Detail
In
BaseManagerV2.soltransferTokens()function incorrect modifier is being used, according to the comments above the function this function is OPERATOR ONLY but if we look at the code and the modifier which is being used isonlyExtensioninstead ofonlyOperatorso wrong person will be able to call the function and will be able to transfer the funds which could result in unintended consequences and even loss of funds in worse caseImpact
Unauthorized person will be able to call this function which could result in unintended consequences and even loss of funds in some case scenarios.
Code Snippet
https://github.com/sherlock-audit/2023-05-Index/blob/3190057afd3085143a31746d65045a0d1bacc78c/index-coop-smart-contracts/contracts/manager/BaseManagerV2.sol#L318
Tool used
Manual Review
Recommendation
Make sure that you are using the correct modifier as according with natspec
Duplicate of #337