Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

QA Report #69

Closed
code423n4 opened this issue Feb 12, 2022 · 2 comments
Closed

QA Report #69

code423n4 opened this issue Feb 12, 2022 · 2 comments
Labels
bug Something isn't working invalid This doesn't seem right sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue

Comments

@code423n4
Copy link
Contributor

Low - Proxy inheritance not initialized

Impact

There is no call of the initialize() function in the inherited OwnableProxyDelegation.sol contract in NestedFactory.sol. It is possible the intention is to perform this call manually, which is why I labeled this only a medium, but there could be problems if the proxy is not initialized at all. Because the code does not call the initialize(), I must assume the latter.

Proof of Concept

When a contract inherits another contract, the child contract calls the constructor of the parent contract. In this case, the OwnableProxyDelegation.sol contract has no constructor. The initialize function can only be called once, but this function sets the proxy owner, a critically important role for managing the system. If this role is not set when the contracts as first initialized, it is possible an owner of address(0) could cause problems. Luckily there is a require statement in line 26 which prevents arbitrary calls from any user to the initialize function.

Uninitialized proxies have been the cause of some large issues recently. See example A and example B.

Recommended Mitigation Steps

Add the following line to the NestedFinance.sol constructor:

initialize(_msgSender());
@code423n4 code423n4 added QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax bug Something isn't working labels Feb 12, 2022
code423n4 added a commit that referenced this issue Feb 12, 2022
@code423n4
sirhashalot issue #69
48ab2c6
@maximebrugel
Copy link
Collaborator

As mentioned:

"Luckily there is a require statement in line 26 which prevents arbitrary calls from any user to the initialize function."

Also, if the owner of the proxy doesn't call the initialize function via upgradeToAndCall, he can't set the FeeSplitter address and all users calls will fail.

@maximebrugel maximebrugel added the sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue label Feb 15, 2022
@harleythedogC4
Copy link
Collaborator

Agree with sponsor with the reasoning why this is invalid.

@harleythedogC4 harleythedogC4 added invalid This doesn't seem right and removed QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax labels Feb 27, 2022
@Yashiru Yashiru mentioned this issue Jun 23, 2022
Open
@obatirou obatirou mentioned this issue Jun 23, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working invalid This doesn't seem right sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@maximebrugel @code423n4 @harleythedogC4