In Dispatcher.sol doesn't have any method to remove/change poolInfo array. Moreover, PoolInfo struct have an variable named owner which actually can change owner in Multipool.sol using transferOwnership()
Impact
Because poolInfo is a public variable, it will be confusing if protocol owner call Dispatcher.add through Factory.createMultipool() with incorrect inputs and can't redo it
Moreover, when Multipool contract can change owner by calling Multipool.transferOwnership(), but Dispatcher.poolInfo[x].owner is not change will confuse the user
tnquanghuy0512
medium
Dispatcher.poolInfo can lead to confusions
Summary
Dispatcher.poolInfo can lead to confusions
Vulnerability Detail
In Dispatcher.sol doesn't have any method to remove/change
poolInfoarray. Moreover,PoolInfostruct have an variable namedownerwhich actually can change owner inMultipool.solusingtransferOwnership()Impact
Because
poolInfois a public variable, it will be confusing if protocol owner callDispatcher.addthroughFactory.createMultipool()with incorrect inputs and can't redo it Moreover, when Multipool contract can change owner by callingMultipool.transferOwnership(), butDispatcher.poolInfo[x].owneris not change will confuse the userCode Snippet
https://github.com/sherlock-audit/2023-06-real-wagmi/blob/82a234a5c2c1fc1921c63265a9349b71d84675c4/concentrator/contracts/Dispatcher.sol#L55
Tool used
Manual Review
Recommendation
Add method to remove/change
poolInfo