code-423n4 / 2021-04-vader-findings


Anyone Can Call Init() and Lock It Forever For Attack.sol, DAO.sol, Factory.sol, Pools.sol, Router.sol, Vault.sol, and Vader.sol #201

Closed code423n4 closed 3 years ago

code423n4 commented 3 years ago

Handle

jvaqa

Vulnerability details

Impact

Anyone Can Call Init() and Lock It Forever For Attack.sol, DAO.sol, Factory.sol, Pools.sol, Router.sol, Vault.sol, and Vader.sol

When trying to deploy Vader contracts, an attacker could call init() on each deployed contract and lock it, wasting the deployer's gas and time. If the attacker calls init() on a contract that has already been referenced by a previous contract, the attacker causes that contract to be rendered useless as well. Since init() can only be called once, and then is locked forever, a successful attack leaves the entire contract useless, and wastes Vader's funds.

Proof of Concept

Alice sees that the Vader team is in the process of deploying their contracts. Alice calls init() on each contract as it is deployed, supplying junk data to the arguments. This wastes Vader's time and money.

Recommended Mitigation Steps

Either move init() functionality to the constructor of each contract, or add a restriction to who can call init().
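
Added example (not part of the original report and not Vader's code): the one-shot init() pattern the finding describes, next to the two mitigations it recommends. The contract names, the `token` parameter, and the `deployer` variable are hypothetical and chosen only for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical contracts for illustration only; not taken from the Vader code base.

// Pattern described in the finding: a one-shot init() with no caller check.
contract UnprotectedInit {
    bool public inited;
    address public token; // assumed example parameter

    function init(address _token) external {
        require(!inited, "already initialised");
        inited = true;
        token = _token; // the first caller, whoever it is, fixes this value for good
    }
}

// Mitigation A: move the initialisation into the constructor, so the values
// are set atomically in the deployment transaction and no init() call exists.
contract ConstructorInit {
    address public immutable token;

    constructor(address _token) {
        require(_token != address(0), "zero address");
        token = _token;
    }
}

// Mitigation B: keep init() (for example, when contracts reference each other
// and addresses are only known after deployment) but restrict who may call it.
contract RestrictedInit {
    address public immutable deployer;
    bool public inited;
    address public token;

    constructor() {
        deployer = msg.sender; // recorded in the deployment transaction itself
    }

    function init(address _token) external {
        require(msg.sender == deployer, "not deployer");
        require(!inited, "already initialised");
        require(_token != address(0), "zero address");
        inited = true;
        token = _token;
    }
}
```

With mitigation B, a deployment script can additionally read `inited` and the stored addresses back after its own init() transaction confirms and abort if they differ from what it sent.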

dmvt commented 3 years ago

duplicate of #18