Open zlsecure3 opened 1 year ago
submission_id:1761642299
review_type:GRADING
result: TBD-yes,no
rating: TBD-123
comment: TBD-Rejected,Accepted by Secure3.
severity: TBD-Critical,Medium,Low,Informational
category:
description:
submission_id:1761642299
review_type:CLIENT_FEEDBACK
result: TBD-yes,no
severity: TBD-Critical,Medium,Low,Informational
comment:
submission_id:1761642299
review_type:CLIENT_FEEDBACK_DECISION
result: TBD-yes,no,yes-honored,no-honored
severity: TBD-Critical,Medium,Low,Informational
comment:
subject
onlyManager granted too many permissions to
Vault::cumulateProtocolFee
functiondescription
Vault::cumulateProtocolFee
is in fact only called byFuturesManager
andLpManager
, never byInsuranceManager
, butonlyManager
also grants permission toInsuranceManager
, which is not necessary, and maybe leveraged in the future.recommendation
Make the permission more accurate, for example change it to
onlyManager(bool includingInsuranceManager)
and grant permissions accordingly.locations
severity
Low
damage
exploitability
category
Code Style
system_generated: auditor:alansh submission_id:1761642299