16 matches found

Code423n4
added 2023/07/21 12:0 a.m., 9 views

onlyProxy MODIFIER CAN BE BYPASSED BY A MALICIOUS PROXY CONTRACT AND CAN PUSH THE IMPLEMENTATION CONTRACT INTO AN UNDESIRABLE STATE

Lines of code Vulnerability details Impact The Upgradeable.onlyProxy modifier is used to ensure that a function can only be called by the proxy and can not be directly called in the Upgradeable.sol contract. The onlyProxy modifier implementation is as follows: modifier onlyProxy // Prevent setup...

AI score: 7
Exploits: 0

Code423n4
added 2023/05/04 12:0 a.m., 9 views

State variables are initialized in an upgradeable contract + there is constructor

Lines of code Vulnerability details Impact Due to a requirement of the proxy-based upgradeability system, no constructors can be used in upgradeable contracts. State variables are initialized in an upgradeable contract Proof of Concept See -upgradeableavoid-initial-values-in-field-declarations...

AI score: 6.8
Exploits: 0

Code423n4
added 2023/02/12 12:0 a.m., 9 views

Upgraded Q -> 2 from #362 [1676219107265]

Judge has assessed an item in Issue 362 as 2 risk. The relevant finding follows: N‑01 Upgradeable contract is missing a __gap[50] storage variable to allow for new storage variables in later versions

AI score: 6.9
Exploits: 0

Code423n4
added 2023/02/12 12:0 a.m., 18 views

Upgraded Q -> 2 from #308 [1676219092947]

Judge has assessed an item in Issue 308 as 2 risk. The relevant finding follows: 03 Upgradeable contract is missing a __gap[50] storage variable to allow for new storage variables in later versions

AI score: 6.9
Exploits: 0

Code423n4
added 2023/02/12 12:0 a.m., 12 views

Upgraded Q -> 2 from #353 [1676219078358]

Judge has assessed an item in Issue 353 as 2 risk. The relevant finding follows: 06 UPGRADEABLE CONTRACT IS MISSING A __gap[50] STORAGE VARIABLE TO ALLOW FOR NEW STORAGE VARIABLES IN LATER VERSIONS

AI score: 7
Exploits: 0

Code423n4
added 2023/02/12 12:0 a.m., 7 views

Upgraded Q -> 2 from #59 [1676219064442]

Judge has assessed an item in Issue 59 as 2 risk. The relevant finding follows: L-06 Upgradeable contract is missing a __gap[50] storage variable to allow for new storage variables in later versions

AI score: 6.9
Exploits: 0

Code423n4
added 2023/02/12 12:0 a.m., 7 views

Upgraded Q -> 2 from #525 [1676219014177]

Judge has assessed an item in Issue 525 as 2 risk. The relevant finding follows: Upgradeable contract is missing a __gap[50] storage variable to allow for new storage variables in later versions

AI score: 6.9
Exploits: 0

Code423n4
added 2023/02/12 12:0 a.m., 14 views

Upgraded Q -> 2 from #533 [1676218902616]

Judge has assessed an item in Issue 533 as 2 risk. The relevant finding follows: Upgradeable contract is missing a __gap[50] storage variable to allow for new storage variables in later versions

AI score: 6.9
Exploits: 0

Code423n4
added 2023/02/03 12:0 a.m., 14 views

Lack of double step transfer in admin modification in an upgradeable contract is dangerous

Lines of code Vulnerability details Lack of double step transfer in admin modification in an upgradeable contract is dangerous Summary Double step transfer of admin / ownership should be a must in upgradeable contracts Vulnerability Detail Admin is changed with changeAdmin that calls changeAdmin,...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/12/12 12:0 a.m., 10 views

Storage collision in Collateral.sol

Lines of code Vulnerability details Vulnerability details collateral.sol is an upgradeable contract. Upgradeable contracts should not use the constructor to initialize variables, as these will be set in the contract storage of the implementation contract, instead of the intended contract storage ...

AI score: 6.6
Exploits: 0

Code423n4
added 2022/10/10 12:0 a.m., 12 views

BlurExchange Contract May Not Be Upgradeable

Lines of code Vulnerability details Vulnerability Details The BlurExchange is designed to be an implementation contract supporting an upgradeable feature. However, we found that some contracts define state variables without allocating the reserved storage slots gap which may impede the BlurExchan...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/08/06 12:0 a.m., 33 views

Upgradeable contract is missing a __gap[50] storage variable to allow for new storage variables in later versions

Lines of code Vulnerability details Upgradeable contract is missing a __gap[50] storage variable to allow for new storage variables in later versions Impact For upgradeable contracts, there must be storage gap to "allow developers to freely add new state variables in the future without compromising t...

AI score: 6.7
Exploits: 0

Code423n4
added 2022/06/18 12:0 a.m., 4 views

Vulnerable OZ version [email protected] used

Lines of code Vulnerability details Impact An outdated and vulnerable OpenZeppelin version 3.4.0 is used. This dependency has a known high severity vulnerability: describes the possibility of initializer protected functions to be called twice, this would affect the MyStrategy.sol contract. See...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/03/31 12:0 a.m., 7 views

[WP-H3] Proxy admin of the upgradeable proxy contracts can steal _borrowAsset and collateralAsset from the contracts and users' wallet

Lines of code Vulnerability details Both LenderPool and PooledCreditLine are upgradeable contracts that hold users' allowances, and in certain periods, LendingPool will be holding users' funds. Use of Upgradeable Proxy Contract Structure allows the logic of the contract to be arbitrarily changed...

AI score: 6.8
Exploits: 0

Code423n4
added 2021/11/29 12:0 a.m., 8 views

Usage of an incorrect version of ERC20Permit contract can give unknown token with 0 decimals after upgrade.

Handle Jujic Vulnerability details Impact Based on the context and comments in the code, the Malt.sol contract is designed to be deployed as an upgradeable proxy contract. In Solidity, code that is inside a constructor or part of a global variable declaration is not part of a deployed contract’s...

AI score: 7
Exploits: 0

Code423n4
added 2021/10/21 12:0 a.m., 9 views

Usage of an incorrect version of Ownable library can potentially malfunction all onlyOwner functions

Handle WatchPug Vulnerability details // this is used to have the contract upgradeable function initializeuint128 minStakedRequired public initializer Based on the context and comments in the code, the DelegatedStaking.sol contract is designed to be deployed as an upgradeable proxy contract...

AI score: 6.8
Exploits: 0