Unprotected function

Missing (or incorrectly used) modifier on a function allows an attacker to use sensitive functionality in the contract.

Attack Scenario

A contract with a changeOwner function does not label it as private and therefore allows anyone to become the contract owner.

Mitigations

Always specify a modifier for functions.

Examples

• An onlyOwner modifier is defined but not used, allowing anyone to become the owner
• April 2016: Rubixi allows anyone to become owner
• July 2017: Parity Wallet. For code, see initWallet
• BitGo Wallet v2 allows anyone to call tryInsertSequenceId. If you try close to MAXINT, no further transactions would be allowed. Fix: make tryInsertSequenceId private.
• Feb 2020: Nexus Mutual's Oraclize callback was unprotected—allowing anyone to call it. Oraclize triggers a rebalance to occur via Uniswap.