Low level calls with solidity version 0.8.14 can result in optimiser bug.

[code423n4]

Lines of code

https://github.com/code-423n4/2022-06-nested/blob/b4a153c943d54755711a2f7b80cbbf3a5bb49d76/contracts/governance/OwnerProxy.sol#L20

Vulnerability details

Impact

The protocol is using low level calls with solidity version 0.8.14 which can result in optimizer bug.

Proof of Concept

See POC from Certora

Recommended Mitigation Steps

Consider upgrading to solidity 0.8.15

[Yashiru]

Low level calls with solidity version 0.8.14 can result in optimiser bug (Confirmed)

Disagree with severity. The Certora report was published on the day of the audit.

[jack-the-pug]

I'll downgrade this to QA as the warden fail to provide any details required for a High issue, I did some brief research and it seems the bug wont impact the code pointed out by the warden.