Closed c4-submissions closed 10 months ago
raymondfam marked the issue as low quality report
raymondfam marked the issue as primary issue
Intended design. Insufficient proof.
The ExecutorPlugin
is not meant to be activated by default for sub-accounts; it is meant to be activated at will after deployment.
As such, this exhibit is invalid as it details intended design.
alex-ppg marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-10-brahma/blob/dd0b41031b199a0aa214e50758943712f9f574a0/contracts/src/core/SafeDeployer.sol#L168-L205
Vulnerability details
According to the Contest Overview,
Executor - An account authorized to make module transactions on a subAccount via
ExecutorPlugin
, ExecutorPluginneeds
to be enabled asmodule
onsubAccount
.For
ExecutorPlugin
to make module transactions, it needs to be enabled as a module on the subaccount. During subaccount creation,_setupSubAccount()
sets the fallback handler and guard on the subaccount, but fails to set theExecutorPlugin
as module.Impact
This leads to a situation where subaccounts are created but lack
ExecutorPlugin
set as a module, this preventsexecutors
from executing transactions as a module.Tools Used
Manual Review
Recommended Mitigation Steps
A call to set
ExecutorPlugin
as a module should be added to the_setupSubAccount()
function to ensure that every new subaccount hasExecutorPlugin
enabled.Assessed type
Access Control