16 matches found
ODSafeManager#allowSAFE() cannot be executed either by the proxy contract or any other address.
Lines of code Vulnerability details Impact "According to the GEB framework, the proxy contracts ODProxy are designed to interact with the Safe Manager ODSafeManager through the Proxy Action contract BasicActions. The pivotal function, allowSAFE, is responsible for granting an address the capabili...
No check proxy contract is deployed
Lines of code Vulnerability details The deployProxyDelegatorIfNeeded function in ERC20MultiDelegate.sol does not verify that a proxy contract has been successfully deployed before emitting an event indicating its creation. Impact Both createProxyDelegatorAndTransfer and processDelegation function...
Hash Collisions and Front-Running Risk
Lines of code Vulnerability details Salt Value in Proxy Deployment: The contract uses a salt value of 0 during the deployment of proxy delegator contracts. This introduces a significant security concern related to potential hash collisions. If multiple delegators attempt to deploy to the same...
Assembly proxy creation lacks bytecode validation, enabling arbitrary contract deployment.
Lines of code Vulnerability details Impact The proxy contract creation uses assembly to compute the create2 address. But it does not verify the deployed bytecode matches expectations. The use of assemble for proxy contract creation has potential risks if the bytecode is not validated. This could...
ENS (ERC20Votes) token transferred to the proxy contract will be lost forever.
Lines of code Vulnerability details Impact ENS ERC20Votes token transferred to the proxy contract will be lost forever. As delegation amount is out of sync with the ERC1155 balance if the ENS token is transferred to the proxy contract. Proof of Concept When the user delegates 100 tokens to A, the...
Tokens could be stolen by specifying an unauthorized address.
Lines of code Vulnerability details Impact transferBetweenDelegators transfers tokens between proxy contract addresses without any validation. Tokens could be stolen by specifying an unauthorized address. Proof of Concept The issue with transferBetweenDelegators occurs here as we can see: functio...
Possibility of security vulnerabilities introduced by creating ERC20ProxyDelegator instances on the fly using static salt values
Lines of code Vulnerability details Impact Security risks associated with deploying proxy contracts via deterministic addresses that can be easily calculated. In deployProxyDelegatorIfNeeded, in the case that extcodesizeproxyAddress == 0, then a proxy contract is instantiated ad hoc via new...
onlyProxy MODIFIER CAN BE BYPASSED BY A MALICIOUS PROXY CONTRACT AND CAN PUSH THE IMPLEMENTATION CONTRACT INTO AN UNDESIRABLE STATE
Lines of code Vulnerability details Impact The Upgradeable.onlyProxy modifier is used to ensure that a function can only be called by the proxy and can not be directly called in the Upgradeable.sol contract. The onlyProxy modifier implementation is as follows: modifier onlyProxy // Prevent setup...
Unauthorized Access and Control in Proxy Contract
Lines of code Vulnerability details Summary: The code contains a bug that can lead to unauthorized access and control over the contract. This bug allows any caller, even those who are not the owner or address0, to bypass the intended access control mechanisms and execute arbitrary code on the...
Storage collision in Collateral.sol
Lines of code Vulnerability details Vulnerability details collateral.sol is an upgradeable contract. Upgradeable contracts should not use the constructor to initialize variables, as these will be set in the contract storage of the implementation contract, instead of the intended contract storage ...
Incorrect revenue calculation will lead to revenue theft through proxy attacks
Lines of code Vulnerability details Impact The incorrect way revenue is calculated can lead to CSR being stolen through proxy attacks, which is likely to lead the ecology into CSR bribery war. Eventually, this feature will translate into reduced gas fees for all transactions, regardless of whethe...
User can redirect fees by using a proxy contract
Lines of code Vulnerability details Impact For any given tx, the fees are sent to its recipient To. Anybody can register an address using the Turnstile contract. Thus, a user is able to create a proxy contract with which they execute other smart contracts. That way, the fees are sent to their own...
Malicious manipulation of gas reserve can deny access to MIMOProxy
Lines of code Vulnerability details The MIMOProxy contract defines a minGasReserve value as a storage variable: MIMOProxy.solL18: /// @inheritdoc IMIMOProxy uint256 public override minGasReserve; The execute function uses this minGasReserve value to calculate a gas stipend to provide to the targe...
Overwriting storage slots in MIMOProxy
Lines of code Vulnerability details Impact The MIMOProxy allows you to delegate a call to another contract from a permission of owner. With a delegate call, the entire storage layout is kept the same as it is on MIMOProxy. It means that if the delegate call will be made for smart contract with...
Usage of an incorrect version of ERC20Permit contract can give unknown token with 0 decimals after upgrade.
Handle Jujic Vulnerability details Impact Based on the context and comments in the code, the Malt.sol contract is designed to be deployed as an upgradeable proxy contract. In Solidity, code that is inside a constructor or part of a global variable declaration is not part of a deployed contract’s...
DOS by Frontrunning NoteERC20 initialize() Function
Handle leastwood Vulnerability details Impact The scripts/ folder outlines a number of deployment scripts used by the Notional team. Some of the contracts deployed utilise the ERC1967 upgradeable proxy standard. This standard involves first deploying an implementation contract and later a proxy...