2 matches found
Only admin can call peg functions
Lines of code Vulnerability details Impact Only admin multisig can call peg functions. This might delay re-pegs. Proof of Concept Both upperDepeg and lowerDepeg are meant to be called by any EOA or whitelisted contracts, but due to the onlyRole modifier, only the admin can currently call these...
[NAZ-H1] Anyone Can Call removeFeeder()
Lines of code Vulnerability details Impact Currently anyone can call removeFeeder which can cause an ample amount of issues across the protocol. It is also stated in the NatSpec: Allows owner to remove feeder. Proof of Concept Anyone can remove a feeder and only the admin should be able to remove...