julien51
commented
2 years ago Indeed, we could improve things by making sure that setLockTemplate is called with a version number rather than the address of a lock template.
Open code423n4 opened 2 years ago
julien51
commented
2 years ago Indeed, we could improve things by making sure that setLockTemplate is called with a version number rather than the address of a lock template.
Handle
cmichel
Vulnerability details
The
Unlock.setLockTemplatefunction sets the default lock tempalte for new lock creations. However, it does not verify that this lock template is a valid template that was added to_publicLockVersionsviaaddLockTemplate.Impact
A default template with a wrong version number can be set which is incompatible with updating locks through
upgradeLock(requiresversion == currentVersion + 1).Recommended Mitigation Steps
Add new lock templates using
addLockTemplatefirst and restrictsetLockTemplateto only use these templates, not arbitrary code.