Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/10/25 12:0 a.m.12 views

Centralisation risk

Lines of code Vulnerability details Impact The protocol has a onlyGovernor role with privileged rights to perform administrator tasks that can affect users. Proof of Concept The governorhave control over crucial function that can be updated and change according to the governor discretion. functio...

7.3AI score
Exploits0
Code423n4
Code423n4
added 2023/10/25 12:0 a.m.10 views

When Creating a Safe Via ODSafeManager::openSAFE, the User Proxy Is Wrongly Set As the Safe Owner

Lines of code Vulnerability details Impact We can observe from Vault721::mint function that the input usr in ODSafeManager::openSAFE function needs to be a previously built proxy of the user address. function mintaddress proxy, uint256 safeId external requiremsg.sender == addresssafeManager, 'V72...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/10/25 12:0 a.m.9 views

Since the build function in 'Vault721' allows anyone to deploy a new ODProxy for any user without proper checks, it creates a potential exploit.

Lines of code Vulnerability details Impact The ability to freely deploy ODProxy contracts through the Vault721 contract's build function represents a significant security vulnerability. Exploitation of this vulnerability could lead to: Unauthorized Actions: Malicious actors could deploy proxies f...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/10/25 12:0 a.m.14 views

Updating safeManager reference in Vault721 will brick transfer of safes

Lines of code Vulnerability details Impact Updating safeManager reference in Vault721 will brick safe transfers since the state of the new ODSafeManager instance won't have corresponding data. In addition, it is not clear how it would be possible to achieve seamless migration as particular...

7AI score
Exploits0
Rows per page
Query Builder