code-423n4 / 2024-04-panoptic-findings


Contract can be front run and set with a malicious owner upon deployment #544

Closed c4-bot-6 closed 2 months ago

c4-bot-6 commented 2 months ago

Lines of code

https://github.com/code-423n4/2024-04-panoptic/blob/833312ebd600665b577fbd9c03ffa0daf250ed24/contracts/PanopticFactory.sol#L134-L139

Vulnerability details

Summary

The s_owner variable, which is meant to be a delicate variable, is lax and can be easily hijacked.

Detailed Description

The s_owner is a delicate variable and should be handled with care, and it should be instantiated upon construction. It is currently being called by an initialize function which has no access control. This could lead to the s_owner variable being frontrun and hijacked by an attacker.

Impact:

Contract can be hijacked by a malicious user, leading to a break in the overall protocol.

Proof of Code

    function initialize(address _owner) public {
        if (!s_initialized) {
            s_owner = _owner;
            s_initialized = true;
        }
    }

Tool used:

Manual Review

Recommended Mitigation:

The s_owner variable should be set in a constructor or the protocol should implement access control on the initialize function.

Assessed type

Access Control
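The two mitigations named in the report above, sketched as an added example (not code from the Panoptic repository or from the report's author). The contract names, error names and `i_deployer` are hypothetical, and both variants assume a contract that is deployed directly.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

/// Variant A (hypothetical name): the owner is fixed at construction,
/// so no separate initialization transaction exists for anyone to race.
contract OwnedByConstructor {
    address public immutable owner;

    error ZeroOwner();

    constructor(address _owner) {
        if (_owner == address(0)) revert ZeroOwner();
        owner = _owner;
    }
}

/// Variant B (hypothetical name): initialize() is kept, but only the
/// deploying account may call it, and only once.
contract GuardedInitialize {
    // Recorded in the constructor; assumption: the deployer is the
    // account trusted to choose the owner.
    address private immutable i_deployer;
    address private s_owner;
    bool private s_initialized;

    error NotDeployer();
    error AlreadyInitialized();

    constructor() {
        i_deployer = msg.sender;
    }

    function initialize(address _owner) external {
        // Access control: a third party's call reverts instead of
        // setting s_owner.
        if (msg.sender != i_deployer) revert NotDeployer();
        // Reverting (rather than silently returning) makes a repeated
        // or late call visible to the caller and to monitoring.
        if (s_initialized) revert AlreadyInitialized();
        s_initialized = true;
        s_owner = _owner;
    }

    function owner() external view returns (address) {
        return s_owner;
    }
}
```

Unlike the quoted `initialize`, Variant B reverts on a second call instead of ignoring it, so a deployment script can detect that initialization did not happen as expected.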

c4-judge commented 2 months ago

Picodes marked the issue as unsatisfactory: Invalid