24 matches found
Multi-Copy Security in Unclonable Cryptography
Unclonable cryptography leverages the quantum no-cloning principle to copy-protect cryptographic functionalities. While most existing works address the basic single-copy security, the stronger notion of multi-copy security remains largely unexplored. We introduce a generic compiler that upgrades...
FlexiContracts: a Novel and Efficient Scheme for Upgrading Smart Contracts in Ethereum Blockchain
Blockchain technology has revolutionized contractual processes, enhancing efficiency and trust through smart contracts. Ethereum, as a pioneer in this domain, offers a platform for decentralized applications but is challenged by the immutability of smart contracts, which makes upgrades cumbersome...
Attacker can call initializeTokenomics in the tokenomics implementation contract and self destruct afterwards
Lines of code Vulnerability details Impact Malicious actor can front run any attempts to initialize the implementation contract of tokenomics and self destruct the contract. This makes us to re-deploy proxy as the upgradable logic is within the proxy as well. Proof of Concept 1. Implementation is...
User can not receive own assets back
Lines of code Vulnerability details Impact The user has the opportunity to deposit tokens, but does not have the opportunity to withdraw them back. Consequently, his tokens will be locked in the contract and he will not be able to take them back. Yes, the contract is upgradable - but this does no...
FollowNFT storage collision
Lines of code Vulnerability details Impact The lastFollowTokenId of FollowNFT contract has a storage collision. V2.0 storage layout: | lastFollowTokenId | uint128 | 17 | 0 | 16 | contracts/FollowNFT.sol:FollowNFT | | followerCount | uint128 | 17 | 16 | 16 | contracts/FollowNFT.sol:FollowNFT |...
NFTBoostVault is not a proper implementation/logic contract in upgradeability system
Lines of code Vulnerability details Impact As per the natspec comments in the NFTBoostVault contract, the NFTBoostVault contract "is Simple Proxy upgradeable which is the upgradeability system used for voting vaults in Council". This implies that this contract will be used as the...
Permits may be reused after token upgrade
Lines of code Vulnerability details Impact The StandardizedToken contract inherits the ERC20Permit contract which in the case of an upgradable/proxied Token would allow permits for a previous version of the Token to be used on any subsequent version of it. NOTE that ERC20Permit is not explicitly ...
Unauthorized Contract Upgrade Vulnerability in Upgradable Contract
Lines of code Vulnerability details In the "upgrade" function, the contract allows the owner to upgrade the contract to a new implementation using the provided address and code hash. However, there is a flaw in the implementation that can allow an attacker to bypass the contract upgrade checks an...
Storage collision risk in NounsDAOProxy contracts
Lines of code Vulnerability details Impact NounsDAOProxy contract may lose tracking its implementation address Proof of Concept One of the main vulnerabilities of upgradeable contracts is storing the implementation address in the beginning slots. This address is later used by proxy for delegateca...
Wherever possible, _safeMint() should be used rather than _mint()
Lines of code Vulnerability details Impact mint is not recommended in favour of safeMint, which guarantees that the recipient is either an EOA. Proof of Concept, , Tools Used Vscode use safeMint instead of mint. Assessed type Upgradable --- The text was updated successfully, but these errors were...
LlamaAccount can be tricked to selfdestruct with an upgradable contract
Lines of code Vulnerability details Impact The LlamaAccount contract will be destroyed and all the assets can be lost. Proof of Concept In execute, we use readSlot0 to prevent a malicious or buggy target from taking ownership of this contract. But the malicious target can send all the assets and...
Incorrect Handling of Return Value in onlyWhenNotPaused Modifier
Lines of code Vulnerability details Description: contract named "L1ChugSplashProxy" which is a proxy contract with additional functionality for code and storage modification. However, there is a bug in the code that needs to be addressed. Bug: The bug is in the modifier onlyWhenNotPaused function...
TEST FINDING
Lines of code Vulnerability details ISSUE FOR TESTING PURPOSES Assessed type Upgradable --- The text was updated successfully, but these errors were encountered: All reactions...
Upgradable liberty
Lines of code Vulnerability details Impact Instead of using @openzeppelin/contracts, use the upgradable liberty for contracts that should be able to be upgraded. This is the library that should be used :@openzeppelin/contracts-upgradeable Proof of Concept For more info have a look at this resourc...
Broken Upgradable Logic in Pool.sol
Lines of code Vulnerability details Impact The Pool smart contract allows a user to predeposit ETH so that it can be used when a seller takes their bid. It uses an ERC1967 proxy pattern and only the exchange contract is permitted to make transfers. The smart contract inherits the...
Lack of storage gap for upgradable contracts
Lines of code Vulnerability details Impact Safe usage of upgradable contract should include a storage gap to allow the addition of new state. OpenZeppelin docs Proof of Concept The following contracts on the project are using upgradable contracts from OpenZeppelin. File: contracts/Community.sol...
No storage gap for Upgradable contract might lead to storage slot collision
Lines of code Vulnerability details Impact For Upgradable contracts, there must be storage gap to “allow developers to freely add new state variables in the future without compromising the storage compatibility with existing deployments” quote OpenZeppelin. Otherwise it may be very difficult to...
Unprotested _setup function in XERC20Wrapper via Upgradable Contract
Lines of code Vulnerability details Impact If a caller calls the setup function and the address within the IMPLEMENTATIONSLOT does not equal zero, the function will call setup. The setup function changes the ownership of the contract. Proof of Concept The Upgradable contract has a setup function...
Anyone Can Become Owner Of XC20Wrapper Contract
Lines of code Vulnerability details Anyone can become the owner of the XC20Wrapper contract by calling the XC20Wrapper.setup function. Proof-of-Concept The XC20Wrapper contract inherits from Upgradable contract. contract XC20Wrapper is AxelarExecutable, Upgradable As such, the XC20Wrapper contrac...
No storage gap for Upgradable contract might lead to storage slot collision
Lines of code Vulnerability details Impact For upgradeable contracts, there must be storage gap to “allow developers to freely add new state variables in the future without compromising the storage compatibility with existing deployments” quote OpenZeppelin. Otherwise it may be very difficult to...