Description

The owner-only setters in AddressProvider, DebtController, and BaseWasabiPool lack sanity checks. Some basic checks, such as ensuring an address is not zero or that a numeric parameter is within reasonable bounds, are commonly implemented as a defensive programming practice to increase the resilience of the codebase against unintentional errors.

Impact

This issue does not constitute an exploitable vulnerability, and as such is reported as informational. Implementing basic sanity checks could prevent trivial human errors from setting unintended, clearly incorrect values.

Recommendations

Consider adding basic sanity checks to the setters that lack them.

Remediation

This issue has been acknowledged by Wasabi, and a fix was implemented in commit 5fab86d9↗.