Lines of code

Vulnerability details

Submitting as med risk because these are very important functions and using requires like this seems very likely to cause future mistakes

Impact

Increases likelihood of future vulnerabilities

Proof of Concept

_initiateDelegated() _acceptInitialAdminDelegated() and _setPendingAdminDelegated are potentially dangerous because in future implementations they may think that they functions are already protected by require(msg.sender == admin) but in reality they are not because the fallback function allows anyone to call the exact same functions without this protection.

Tools Used

Recommended Mitigation Steps

Remove L40, L48, L56

The text was updated successfully, but these errors were encountered:

All reactions