Zaros Part 2

Perpetuals DEX, Foundry, Solidity
Prize pool: 70,000 USDC

Submission Details
Severity: high
Status: Invalid

Proxy Upgradeability Risks

Summary

Proxy admin privileges are inadequately secured, risking malicious upgrades.

Vulnerability Details

The PerpsEngine and MarketMakingEngine root proxies might allow admin takeover if transferOwnership() is unprotected or initialize() is callable post-deployment.

Impact

An attacker could upgrade contracts to steal funds or disable security mechanisms.

Tools Used

Manual review of proxy initialization logic.

Recommendations

Use OpenZeppelin's TransparentUpgradeableProxy with a timelock for upgrades. Ensure initialize() is called only once.
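The following is an added illustration of the recommended mitigations; it is not code from this submission or from the Zaros codebase. It shows a hypothetical `HardenedEngine` implementation behind OpenZeppelin's `TransparentUpgradeableProxy` whose `ProxyAdmin` is owned by a timelock address, with `initialize()` guarded so it can run exactly once on the proxy and never on the bare implementation, and with two-step ownership transfer so `transferOwnership()` cannot hand control to an unverified address. The contract name, the `setting` parameter, and the `timelock` and `attacker` addresses are constructed placeholders (a real deployment would point `timelock` at a deployed `TimelockController`); the Foundry test at the end checks the single-initialization property. OpenZeppelin Contracts v5 import paths are assumed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not Zaros project code. Assumes OpenZeppelin Contracts v5 and forge-std.
import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
import {Ownable2StepUpgradeable} from "@openzeppelin/contracts-upgradeable/access/Ownable2StepUpgradeable.sol";
import {TransparentUpgradeableProxy} from "@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol";
import {Test} from "forge-std/Test.sol";

/// Hypothetical engine implementation meant to live behind a transparent proxy.
contract HardenedEngine is Initializable, Ownable2StepUpgradeable {
    uint256 public setting; // placeholder state, stands in for real engine configuration

    /// @custom:oz-upgrades-unsafe-allow constructor
    constructor() {
        // Lock the implementation itself: initialize() can never be called on it directly,
        // so nobody can become owner of the logic contract after deployment.
        _disableInitializers();
    }

    /// `initializer` makes any second call revert with InvalidInitialization(),
    /// so the proxy's storage can be initialized exactly once.
    /// `initialOwner` should be the timelock, not an externally owned account.
    function initialize(address initialOwner, uint256 initialSetting) external initializer {
        __Ownable_init(initialOwner);
        __Ownable2Step_init(); // transferOwnership() now requires the new owner to acceptOwnership()
        setting = initialSetting;
    }

    function setSetting(uint256 newSetting) external onlyOwner {
        setting = newSetting;
    }
}

/// Foundry test verifying the "initialize() only once" property on both proxy and implementation.
contract HardenedEngineTest is Test {
    function test_initializeRunsOnlyOnce() public {
        // Constructed stand-in for a deployed TimelockController that owns the ProxyAdmin.
        address timelock = makeAddr("timelock");
        address attacker = makeAddr("attacker"); // constructed address used only to show the revert

        HardenedEngine impl = new HardenedEngine();
        bytes memory initData = abi.encodeCall(HardenedEngine.initialize, (timelock, 42));

        // TransparentUpgradeableProxy deploys its own ProxyAdmin, owned by `timelock`;
        // every future upgrade therefore has to be scheduled through the timelock.
        TransparentUpgradeableProxy proxy =
            new TransparentUpgradeableProxy(address(impl), timelock, initData);
        HardenedEngine engine = HardenedEngine(address(proxy));

        assertEq(engine.owner(), timelock);
        assertEq(engine.setting(), 42);

        // A second initialize() on the proxy is rejected.
        vm.expectRevert(Initializable.InvalidInitialization.selector);
        engine.initialize(attacker, 1);

        // The bare implementation was locked in its constructor and is rejected too.
        vm.expectRevert(Initializable.InvalidInitialization.selector);
        impl.initialize(attacker, 1);
    }
}
```

Run with `forge test --match-contract HardenedEngineTest`. The design choice worth noting is that the upgrade authority (the `ProxyAdmin` owner) and the application owner are the same timelock address, so neither an upgrade nor a privileged configuration change can bypass the timelock's delay.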

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality
