code-423n4 / 2023-10-brahma-findings


Nonce update #377

Closed c4-submissions closed 1 year ago

c4-submissions commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-10-brahma/blob/main/contracts/src/core/SafeDeployer.sol#L254

Vulnerability details

return uint256(keccak256(abi.encodePacked(_ownersHash, ownerSafeCount[_ownersHash]++, _salt, VERSION)));

Here, ownerSafeCount[_ownersHash]++ is used as nonce for different ownerSafeCount mapping; if _ownersHash is 0 or 1, the mapping will be 0 for the first item. This will cause an issue.

Assessed type

en/de-code
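The salt derivation quoted in the report, reproduced in a minimal contract as an added example (not code from the Brahma repository or from any commenter). The names NonceDemo, genNonce and check, the bytes32 type of _salt, and the VERSION value are assumptions. It shows which counter value the post-increment feeds into the hash and that each _ownersHash key keeps its own counter.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Added illustration; NonceDemo, genNonce and check are hypothetical names.
contract NonceDemo {
    // Assumed placeholder; the real VERSION constant is not shown on the page.
    string public constant VERSION = "demo";

    // Per-owner-set counter; every key that was never written reads as 0.
    mapping(bytes32 => uint256) public ownerSafeCount;

    // Same expression as the quoted line: the post-increment hashes the
    // current count and then stores count + 1 for that key only.
    function genNonce(bytes32 _ownersHash, bytes32 _salt) public returns (uint256) {
        return uint256(keccak256(abi.encodePacked(_ownersHash, ownerSafeCount[_ownersHash]++, _salt, VERSION)));
    }

    // Exercises the two keys named in the report (0 and 1) with one salt.
    function check() external returns (bool) {
        bytes32 salt = bytes32(0);           // constructed sample salt
        bytes32 a = bytes32(uint256(0));     // constructed _ownersHash = 0
        bytes32 b = bytes32(uint256(1));     // constructed _ownersHash = 1

        uint256 a0 = genNonce(a, salt);      // hashed with count 0
        uint256 b0 = genNonce(b, salt);      // also count 0, but a different key
        uint256 a1 = genNonce(a, salt);      // hashed with count 1

        // Counters advance independently per key.
        require(ownerSafeCount[a] == 2 && ownerSafeCount[b] == 1, "counter not bumped");
        // _ownersHash is part of the preimage, so equal counts do not give equal output.
        require(a0 != b0, "different keys collide");
        // The bumped count changes the output for the same key and salt.
        require(a0 != a1, "repeat call collides");
        return true;
    }
}
```

Deploy it in Remix or call check() from a Foundry test; it returns true when all three conditions hold.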

0xad1onchain commented 1 year ago

Can you explain what issues it will cause? Nonce is expected to be bumped here.

c4-pre-sort commented 1 year ago

raymondfam marked the issue as low quality report

c4-pre-sort commented 1 year ago

raymondfam marked the issue as duplicate of #129

c4-judge commented 1 year ago

alex-ppg marked the issue as not a duplicate

alex-ppg commented 1 year ago

The Warden fails to describe what the actual vulnerability is and appears to not have a correct understanding of the code.

c4-judge commented 1 year ago

alex-ppg marked the issue as unsatisfactory: Invalid