You're using an old OpenZeppelin version in which the initializer function is vulnerable: an attacker can call it twice after it has been initialized, and since it approves max tokens to those contracts, after the first initialization the attacker calls it again; once the approved tokens are spent, the contract will approve another max amount of tokens to those contracts, causing loss of funds for your contract.
Factually incorrect: it could be exploited by the original caller, in our case our EOA deployer; however it is not, as shown in the deployment scripts.
Disagree
Lines of code
https://github.com/Badger-Finance/vested-aura/blob/d504684e4f9b56660a9e6c6dfb839dcebac3c174/contracts/MyStrategy.sol#L56
Vulnerability details
Impact
You're using an old OpenZeppelin version in which the initializer function is vulnerable: an attacker can call it twice after it has been initialized, and since it approves max tokens to those contracts, after the first initialization the attacker calls it again; once the approved tokens are spent, the contract will approve another max amount of tokens to those contracts, causing loss of funds for your contract.
Recommended Mitigation Steps
Upgrade to the latest version of OpenZeppelin.
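Added example (not code from the finding, from Badger's vested-aura repository, or from OpenZeppelin): a small Python model of what the two sides of this thread are arguing about. It implements two variants of an `initializer` guard as simplified, assumed reconstructions (a lenient `_initializing || !_initialized` check, and a strict one that refuses nested calls outside a constructor) and a toy strategy whose `initialize()` grants a max approval through a token with an approval hook. The token, strategy and re-entrant spender are constructed stand-ins, not the project's contracts. The model shows that the lenient guard lets the initialize body run twice when control leaves the contract during the initializing transaction, that the strict guard reverts the nested call, and that a plain second call after initialization completes reverts under either variant.

```python
"""Model of an `initializer` guard protecting an upgradeable strategy's initialize().

Constructed example: both guard variants are simplified reconstructions (assumed,
not OpenZeppelin's code), and Token / Strategy / ReentrantSpender are toy stand-ins.
"""

MAX_UINT256 = 2**256 - 1


class Revert(Exception):
    """Stands in for an EVM revert."""


class Initializable:
    """lenient: `require(_initializing || !_initialized)` -- any call made while
               _initializing is set passes, including a re-entrant one.
    strict:    a nested call is refused unless made from a constructor, which a
               deployed implementation is never in (assumed simplification)."""

    def __init__(self, strict: bool):
        self.strict = strict
        self._initialized = False
        self._initializing = False

    def _enter_initializer(self) -> bool:
        in_constructor = False  # a live contract being re-entered is never in its constructor
        if self._initializing:
            allowed = in_constructor if self.strict else True
        else:
            allowed = not self._initialized
        if not allowed:
            raise Revert("Initializable: contract is already initialized")
        top_level = not self._initializing
        if top_level:
            self._initializing = True
            self._initialized = True
        return top_level

    def _exit_initializer(self, top_level: bool) -> None:
        if top_level:
            self._initializing = False


class Token:
    """Toy token whose approve() notifies the spender (hook-style callback)."""

    def __init__(self):
        self.allowance = {}

    def approve(self, owner, spender, amount):
        self.allowance[(id(owner), id(spender))] = amount
        hook = getattr(spender, "on_approval", None)
        if hook is not None:
            hook(owner)  # external call: control leaves the strategy mid-initialize


class Strategy(Initializable):
    def __init__(self, strict: bool, token: Token):
        super().__init__(strict)
        self.token = token
        self.init_runs = 0
        self.spender = None

    def initialize(self, spender):
        top = self._enter_initializer()
        self.init_runs += 1
        self.spender = spender                          # config written by initialize()
        self.token.approve(self, spender, MAX_UINT256)  # max approval, as in the finding
        self._exit_initializer(top)


class ReentrantSpender:
    """Stands in for a contract that receives the approval and calls back in."""

    def __init__(self):
        self.reentered = False
        self.nested_reverted = False

    def on_approval(self, strategy):
        if self.reentered:
            return
        self.reentered = True
        try:
            strategy.initialize(self)  # re-enter while _initializing is still set
        except Revert:
            self.nested_reverted = True


def simulate(strict: bool) -> dict:
    token = Token()
    strat = Strategy(strict, token)
    spender = ReentrantSpender()
    strat.initialize(spender)      # deployer's legitimate call
    try:
        strat.initialize(spender)  # plain second call after initialization completed
        late_reverted = False
    except Revert:
        late_reverted = True
    return {
        "init_runs": strat.init_runs,
        "nested_reverted": spender.nested_reverted,
        "late_call_reverted": late_reverted,
    }
```

Run `simulate(False)` and `simulate(True)`: with the lenient guard the body executes twice in one transaction (`init_runs == 2`), with the strict guard the nested call reverts (`init_runs == 1`), and in both cases the later top-level call reverts. The only window in this model is an external call made while the initializing transaction is still running, which is what the deployment-script argument in the reply above turns on.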