code-423n4 / 2023-01-ondo-findings

Upgradable liberty #350

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-01-ondo/blob/f3426e5b6b4561e09460b2e6471eb694efdd6c70/contracts/cash/CashManager.sol#L21-L26

Vulnerability details

Impact

Instead of using @openzeppelin/contracts, use the upgradable library for contracts that should be able to be upgraded. This is the library that should be used: @openzeppelin/contracts-upgradeable

Proof of Concept

For more info, have a look at this resource: https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps

Tools Used

None

c4-judge commented 1 year ago

trust1995 marked the issue as unsatisfactory: Out of scope