Lucene search
+L

4 matches found

Code423n4
Code423n4
•added 2022/08/07 12:0 a.m.•14 views

When a user is given the owner privilege of multiple MIMOProxy through transferOwnership, the user cannot choose which MIMOProxy to use as the current Proxy

Lines of code Vulnerability details Impact currentProxies is only set when the user calls the deployFor function of the MIMOProxyRegistry contract, function deployForaddress owner public override returns IMIMOProxy proxy IMIMOProxy currentProxy = currentProxiesowner; // Do not deploy if the proxy...

7.1AI score
Exploits0
Code423n4
Code423n4
•added 2022/08/07 12:0 a.m.•14 views

If a MIMOProxy owner destroys their proxy, they cannot deploy another from the same address

Lines of code Vulnerability details When deploying a new MIMOProxy, the MIMOProxyRegistry first checks whether a proxy exists with the same owner for the given address. If an existing proxy is found, the deployment reverts: MIMOProxyRegistrydeployFor function deployForaddress owner public overrid...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2022/08/07 12:0 a.m.•13 views

The lazy update of _currentProxies results in non-owners being able to execute functions that require owner privileges

Lines of code Vulnerability details Impact In the MIMOProxyRegistry contract, the getCurrentProxy function returns the address of the mimoProxy contract corresponding to the owner's address in currentProxies. function getCurrentProxyaddress owner external view override returns IMIMOProxy proxy...

6.9AI score
Exploits0
Code423n4
Code423n4
•added 2022/08/06 12:0 a.m.•9 views

Registry not updated when proxy ownership is transferred

Lines of code Vulnerability details Impact When the ownership of a MIMOProxy instance is transferred using the transferOwnership function, the MIMOProxyRegistry contract is not updated, although it is the main entry point of all the workflows, as described in the README.md file. Even after the...

6.7AI score
Exploits0
Rows per page
Query Builder