Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
code423n4Code4renaCODE423N4:2023-10-OPENDOLLAR-FINDINGS-ISSUES-433
HistoryOct 25, 2023 - 12:00 a.m.

Updating safeManager reference in Vault721 will brick transfer of safes

2023-10-2500:00:00
Code4rena
github.com
10
safe transfers
odsafemanager
vault721
immuable
upgradeable
state mismatch
migration issues

AI Score

7

Confidence

Low

JSON

Lines of code

Vulnerability details

Impact

Updating safeManager reference in Vault721 will brick safe transfers since the state of the new ODSafeManager instance won’t have corresponding data. In addition, it is not clear how it would be possible to achieve seamless migration as particular safeHandler instance grants safe modification permission within SafeEngine only to the single/original ODSafeManager instance and cannot be updated afterwards since there is no functionality for that in SafeHandler.sol contract.

It seems that if updates to the implementation are expected ODSafeManager should be a proxy contract.

Proof of Concept

Tools Used

Manual review.

Recommended Mitigation Steps

Consider making ODSafeManager reference in Vault721 immutable. Make ODSafeManager upgradeable contract.

Assessed type

Upgradable

The text was updated successfully, but these errors were encountered:

All reactions

AI Score

7

Confidence

Low

JSON