Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

arcadia-finance/lending-v2
main @ c261329
2
Fixes
0
CVEs
MEDIUM
Peak severity
Highlights
Auth Bypass: 2 prior fixes. Scrutinize any change in this area.
LendingPoolGuardian.sol: most-fixed (1 issue). Treat as high-risk during review.
0 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Auth Bypass: Inconsistent state restoration during pool unpausing allowed operations to resume under incorrect conditions, effectively bypassing intended pausing restrictions. Ensure all state variables governing borrowing and depositing operations are thoroughly validated and correctly restored upon calling unpause().
Auth Bypass: Enforcing validation rules inside internal helpers rather than at the external boundary can lead to authorization and limit bypasses depending on the execution path. Moving borrow cap checks to external entry points ensures that they cannot be evaded via alternative execution flows.