Vaults will fail if collateral address changes in controller
Summary
The current setup of the vaults, using an immutable collateral contract address, opens up a potential vulnerability. The controller's admin has the ability to change the collateral address, and doing so could disrupt the proper functioning of the vaults.
Vulnerability Detail
Currently, the vaults use an immutable collateral contract address, which can't be altered later on. There's a potential risk involved in this setup. The controller's admin has the power to change the collateral address, given that such a functionality exists. Should the admin decide to change the collateral address, it would disrupt the functioning of the vaults. Because the collateral contract address is hard-coded as immutable within the vaults, any such change will make the vaults lose sync and not work as intended.
Impact
Since there is a functionality to change collateral, vaults collateral address is immutable and the vaults products are using controllers collateral this should be a valid finding. Products are not using hardcoded collateral addresses, they use it via querying the controllers collateral which means products are safe. However, vaults use it as immutable which can't be adaptable with the products
mstpr-brainbot
high
Vaults will fail if collateral address changes in controller
Summary
The current setup of the vaults, using an immutable collateral contract address, opens up a potential vulnerability. The controller's admin has the ability to change the collateral address, and doing so could disrupt the proper functioning of the vaults.
Vulnerability Detail
Currently, the vaults use an immutable collateral contract address, which can't be altered later on. There's a potential risk involved in this setup. The controller's admin has the power to change the collateral address, given that such a functionality exists. Should the admin decide to change the collateral address, it would disrupt the functioning of the vaults. Because the collateral contract address is hard-coded as immutable within the vaults, any such change will make the vaults lose sync and not work as intended.
Impact
Since there is a functionality to change collateral, vaults collateral address is immutable and the vaults products are using controllers collateral this should be a valid finding. Products are not using hardcoded collateral addresses, they use it via querying the controllers collateral which means products are safe. However, vaults use it as immutable which can't be adaptable with the products
Code Snippet
https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial/contracts/controller/Controller.sol#L181-L185
https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial-vaults/contracts/balanced/BalancedVaultDefinition.sol#L33
Tool used
Manual Review
Recommendation
Duplicate of #183