Macho Taffy Owl
High
The constructor of the LenderCommitmentGroup_Smart contract incorrectly passes the SMART_COMMITMENT_FORWARDER address to the OracleProtectedChild contract instead of the Oracle Manager address, leading to potential authorization issues.
In the constructor of the LenderCommitmentGroup_Smart contract, the following code:
/// @custom:oz-upgrades-unsafe-allow constructor
constructor(
address _tellerV2,
address _smartCommitmentForwarder,
address _uniswapV3Factory
@>> ) OracleProtectedChild(_smartCommitmentForwarder) {
TELLER_V2 = _tellerV2;
SMART_COMMITMENT_FORWARDER = _smartCommitmentForwarder;
UNISWAP_V3_FACTORY = _uniswapV3Factory;
}incorrectly uses _smartCommitmentForwarder instead of the correct Oracle Manager address, leading to potential unauthorized access.
No response
No response
No response
These modifier we used in the LenderCommitmentGroup_Smart won't work because in _smartCommitmentForwarder address we don't have these isOracleApproved, isOracleApprovedAllowEOA functions and they will revert So call to addPrincipalToCommitmentGroup, burnSharesToWithdrawEarnings and liquidateDefaultedLoanWithIncentive will always revert because of onlyOracleApprovedAllowEOA modifier.
modifier onlyOracleApproved() {
IOracleProtectionManager oracleManager = IOracleProtectionManager(ORACLE_MANAGER);
require( oracleManager .isOracleApproved(msg.sender ) , "Oracle: Not Approved");
_;
}
modifier onlyOracleApprovedAllowEOA() {
IOracleProtectionManager oracleManager = IOracleProtectionManager(ORACLE_MANAGER);
require( oracleManager.isOracleApprovedAllowEOA(msg.sender) , "Oracle: Not Approved");
_;
}No response
Modify constructor to correctly pass the ORACLE_MANAGER address to the OracleProtectedChild contract.
constructor(
address _tellerV2,
address _smartCommitmentForwarder,
address _uniswapV3Factory
@>> ) OracleProtectedChild(_smartCommitmentForwarder) {
TELLER_V2 = _tellerV2;
SMART_COMMITMENT_FORWARDER = _smartCommitmentForwarder;
UNISWAP_V3_FACTORY = _uniswapV3Factory;
}