Platform: Code4rena
Start Date: 12/08/2022
Pot Size: $50,000 USDC
Total HM: 15
Participants: 120
Period: 5 days
Judge: Justin Goro
Total Solo HM: 6
Id: 153
League: ETH
Rank: 81/120
Findings: 1
Award: $45.85
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0x1f8b
Also found by: 0x52, 0xA5DF, 0xDjango, 0xNazgul, 0xNineDec, 0xSmartContract, 0xmatt, 0xsolstars, Aymen0909, Bnke0x0, CertoraInc, Chom, CodingNameKiki, Deivitto, Dravee, ElKu, EthLedger, Funen, IllIllI, JC, Junnon, Lambda, LeoS, MiloTruck, Noah3o6, PaludoX0, ReyAdmirado, Rohan16, RoiEvenHaim, Rolezn, SaharAP, Sm4rty, SooYa, The_GUILD, TomJ, Waze, Yiko, _Adam, __141345__, a12jmx, ak1, asutorufos, auditor0517, ayeslick, ballx, beelzebufo, berndartmueller, bin2chen, brgltd, c3phas, cRat1st0s, cccz, cryptonue, cryptphi, d3e4, delfin454000, dipp, djxploit, durianSausage, dy, erictee, fatherOfBlocks, gogo, gzeon, hyh, ignacio, kyteg, ladboy233, medikko, mics, minhquanym, oyc_109, pfapostol, rbserver, reassor, ret2basic, robee, sach1r0, simon135, sryysryy, tabish, yac, yash90, zzzitron
45.8482 USDC - $45.85
https://github.com/code-423n4/2022-08-frax/blob/main/src/contracts/FraxlendPair.sol#L288 https://github.com/code-423n4/2022-08-frax/blob/main/src/contracts/FraxlendPair.sol#L307
To call the function the operator has to be a borrower/lender. Once added the operator can add or remove whomever he wants.
An operator is added to the approvedBorrowers/approvedLenders mapping.
There are 5 other approved borrowers/lenders.
The operator decides to remove those borrowers/lenders then added other addresses under his control.
Only allow the owner to remove/add borrowers/lenders
#0 - amirnader-ghazvini
2022-08-29T19:17:57Z
Duplicate of #157