Closed c4-submissions closed 10 months ago
raymondfam marked the issue as insufficient quality report
raymondfam marked the issue as primary issue
Contract deployment would have already failed if Incorrect Import had been entailed.
fatherGoose1 marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/c5fdc2e62c5e1d78769f44d6e34a6fb9e40c00f0/src/RSETH.sol#L9
Vulnerability details
Impact
The contract fails to compile and cannot be deployed.
Proof of Concept
The
RsEth.sol
and other files contains this line:However, OpenZeppelin's
PausableUgpradable.sol
is in./utils
not./security
. Check the github repo here:https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/tree/master/contracts
This means that no import for the
PausableUpgradable
contract is performed.Tools Used
Manual Review
Recommended Mitigation Steps
Replace
security
withutils
Assessed type
Library