`BaseGauge` has functions that can only be used by `GaugeController` but are not implemented there
Summary
BaseGauge has functions protected by onlyController but the GaugeController does not implement any functionality to use them.
Vulnerability Details
These functions are:
setEmissionsetInitialWeightsetBoostParameters
If we check the code implementation of GaugeController we can see that there are no functions that can interact with these functions. We can see that Gauges expect the GaugeController to call this functions since they are protected by onlyController modifier. Due to lack of implementation the GaugeController can't do it.
Impact
Due to lack of implementation GaugeController can't call some functions in the Gauges. Since the Gauges expect GaugeController to call them, this lack of implementation leads to disruption to the protocol's functionality.
Tools Used
Manual Review, Hardhat
Recommendations
Add functions to GaugeController that can call functions in Gauges protected by onlyController modifier.
Lead Judging Commences
`setWeeklyEmission`, `setBoostParameters`, `setEmission` and `setInitialWeight` cannot be called due to controller access control - not implemented in controller
`setWeeklyEmission`, `setBoostParameters`, `setEmission` and `setInitialWeight` cannot be called due to controller access control - not implemented in controller
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.