Closed code423n4 closed 1 year ago
141345 marked the issue as low quality report
invalid
it's the logic contract
We avoid redundant checks by design. This cannot be frontrunned given that is all done atomically in the same transaction, is the LensHub who is deploying AND initializing them.
donosonaumczuk marked the issue as sponsor disputed
Out of Scope anyway with https://gist.github.com/thebrittfactor/3dc2ed1320de95e111a25c1744f4d33e#L-09
Picodes marked the issue as unsatisfactory: Out of scope
Lines of code
https://github.com/code-423n4/2023-07-lens/blob/main/contracts/FollowNFT.sol#L48-L56 https://github.com/code-423n4/2023-07-lens/blob/main/contracts/misc/LegacyCollectNFT.sol#L45-L52
Vulnerability details
Impact
In
FollowNFT.sol
,LegacyCollectNFT.sol
andCollectNFT.sol
(out of scope) we haveinitialize()
.This is an example from
LegacyCollectNFT
:This function finalizes the initialization of the contract by setting state variables for the contract and is designed to only be called once. But can be front-run by malicious user.
Proof of Concept
initialize()
functions can only be called once during a setup phase. It is possible for a malicious user to callinitialize()
at the very beginning and set his address and other malicious variables.Tools Used
Manual Review
Recommended Mitigation Steps
I think is better to add access control like
onlyOwner
toinitialize()
functions.Assessed type
Governance