Summary

Swan.sol inherits from contracts that are not stateless and don't contain storage gaps which can be dangerous when upgrading.

Vulnerability Details

When creating upgradable contracts that inherit from other contracts is important that there are storage gap in case storage variable are added to inherited contracts. If an inherited contract is a stateless contract (i.e. it doesn't have any storage) then it is acceptable to omit a storage gap, since these function similar to libraries and aren't intended to add any storage. The issue is that Swan.sol inherits from contracts that contain storage that don't contain any gaps. These contracts can pose a significant risk when updating a contract because they can shift the storage slots of all inherited contracts.
The same issue exists in the oracle as well.

Impact

These contracts can pose a significant risk when updating a contract because they can shift the storage slots of all inherited contracts.

Tools Used

manual

Recommendations

Add storage gaps to all inherited contracts that contain storage variables.