Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
code423n4Code4renaCODE423N4:2023-01-OPENSEA-FINDINGS-ISSUES-103
HistoryJan 23, 2023 - 12:00 a.m.

_CONDUIT_CONTROLLER variable is immutable, meaning it cannot be reassigned to a different contract after the contract is deployed.

2023-01-2300:00:00
Code4rena
github.com
4
immuatable
contract
reassignment
security vulnerability
decentralized exchange
JSON

Lines of code

Vulnerability details

Impact

_CONDUIT_CONTROLLER variable is immutable, meaning it cannot be reassigned to a different contract after the contract is deployed. This may be an issue if the original contract is no longer being maintained or if a different contract is needed for some reason.

Proof of Concept

One potential problem with this is that if the original contract that the _CONDUIT_CONTROLLER variable is set to during deployment is no longer being maintained or if a different contract is needed for some reason, there would be no way to update the variable to point to the new contract. This could cause issues with the functionality of the contract.

For example, imagine that the contract is being used in a decentralized exchange to facilitate token transfers. The original conduit controller contract that the _CONDUIT_CONTROLLER variable is set to during deployment is responsible for handling these token transfers. However, a security vulnerability is found in the original contract, and it is no longer being maintained. Without a way to update the _CONDUIT_CONTROLLER variable, the decentralized exchange would be unable to transfer tokens and could potentially lose a lot of money.

Tools Used

vs code

Recommended Mitigation Steps

The text was updated successfully, but these errors were encountered:

All reactions

JSON