code-423n4 / 2021-09-defiprotocol-findings


Basket/Auction Singletons Are Interactable #47

Closed code423n4 closed 2 years ago

code423n4 commented 3 years ago

Handle

johnsterlacci

Vulnerability details

Impact

Detailed description of the impact of this finding.

Basket.sol and Auction.sol are deployed as singleton instances that Factory.sol can create proxy clones of. State-modifying functions on these singletons are not locked down and could create unintended side effects.

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

Tools Used

Hardhat

Recommended Mitigation Steps

Add logic that would lock state-manipulating calls on singleton instantiation.

GalloDaSballo commented 2 years ago

State is not transferred when you proxy a contract.

When you deploy a proxy to a logic, the proxy contains the state, while the logic (how to interpret the state) is provided by the logic contract.

In the lack of context, I'm setting this as invalid
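
Added example, not part of the thread and not the audited code: a sketch of the singleton/clone split discussed above, showing that a clone keeps its own storage and how a constructor can lock the singleton. `BasketLike`, `FactoryLike`, `publisher` and `createBasket` are hypothetical names, and the factory is assumed to deploy EIP-1167 minimal proxies.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.7;

// Added illustration. BasketLike and FactoryLike are hypothetical stand-ins,
// not the audited Basket.sol / Factory.sol.
contract BasketLike {
    bool public initialized;
    address public publisher;

    // Executes once against the singleton's own storage. Clones never run
    // this constructor, so their `initialized` slot starts out false.
    constructor() {
        initialized = true; // lock the singleton itself
    }

    function initialize(address publisher_) external {
        require(!initialized, "already initialized");
        initialized = true;
        publisher = publisher_;
    }

    function setPublisher(address next) external {
        require(msg.sender == publisher, "not publisher");
        publisher = next;
    }
}

contract FactoryLike {
    address public immutable singleton;

    constructor() {
        singleton = address(new BasketLike());
    }

    // Deploys an EIP-1167 minimal proxy: every call is DELEGATECALLed to
    // `singleton`, but reads and writes hit the proxy's own storage.
    function createBasket() external returns (address instance) {
        address impl = singleton;
        assembly {
            let ptr := mload(0x40)
            mstore(ptr, 0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000)
            mstore(add(ptr, 0x14), shl(0x60, impl))
            mstore(add(ptr, 0x28), 0x5af43d82803e903d91602b57fd5bf30000000000000000000000000000000000)
            instance := create(0, ptr, 0x37)
        }
        require(instance != address(0), "clone failed");
        BasketLike(instance).initialize(msg.sender);
    }
}
```

After `createBasket()`, the clone's `publisher` is the caller, while `BasketLike(singleton).publisher()` is still the zero address and `initialize` on the singleton reverts.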