hats-finance / Convergence---Convex-integration-0xb3df23e155b74ad2b93777f58980d6727e8b40bb


Missing `initializer` modifier in `CvgCvxStakingPositionService::initialize()` function #79

Open hats-bug-reporter[bot] opened 4 months ago

hats-bug-reporter[bot] commented 4 months ago

Github username: @https://github.com/Lhoussaineph2001

Twitter username: https://twitter.com/lhoussainePh

Submission hash (on-chain): 0xc2c2fb8291c4b28da0d1393bfde8c3f48d71437a26772d9629dcbfbce5602d0c

Severity: medium

Description:

The vulnerability arises from the absence of the initializer modifier in the initialize function of the smart contract. In Solidity, the initializer modifier is commonly used to ensure that a function can only be called once during contract initialization. Without this modifier, there is a risk of reinitialization, which can lead to unexpected behavior and potential security vulnerabilities.

Attack Scenario

  1. Reinitialization Attack: An attacker could exploit the absence of the initializer modifier by calling the initialize function multiple times, potentially resetting critical state variables and compromising the integrity of the contract.
  2. Contract State Manipulation: Without the initializer modifier, malicious actors may attempt to manipulate the contract's state by repeatedly invoking the initialization function with different

Attachments

  1. Proof of Concept (PoC) File

[TestCvgCvxStakingPositionService.t.sol]

  2. Revised Code File (Optional)

```solidity
pragma solidity ^0.8.0;

import "../node_modules/@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";

// Here I did inherit from Initializable, is this best practice?
contract CvgCvxStakingPositionService is Initializable {

    // Excluded constant state vars declaration for sake of readability....
    // (the imports for the ICrvPoolPlain and ICvx1 interfaces are not shown in this excerpt)

    // Here comes the INITIALIZER
    function initialize(
        address _cvxConvergenceLocker,
        ICrvPoolPlain _curvePool,
        ICvx1 _cvx1,
        string memory _symbol
    ) public initializer {

        // body of function

    }
}
```

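An added illustration of the re-initialization risk described in the report above, not code from the Convergence repository or from the reporter. The contracts `UnguardedService`, `GuardedService` and the `ReinitDemo` harness are hypothetical, and the import assumes OpenZeppelin's `contracts-upgradeable` package is installed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumption: OpenZeppelin contracts-upgradeable is installed under this path.
import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";

// Hypothetical contract: initialize() has no guard, so it can run again
// and overwrite state that was set by the first call.
contract UnguardedService {
    address public locker;
    string public symbol;

    function initialize(address _locker, string memory _symbol) public {
        locker = _locker;
        symbol = _symbol;
    }
}

// Hypothetical contract: same state, but `initializer` (inherited from
// Initializable) makes every call after the first one revert.
contract GuardedService is Initializable {
    address public locker;
    string public symbol;

    function initialize(address _locker, string memory _symbol) public initializer {
        locker = _locker;
        symbol = _symbol;
    }
}

// Hypothetical harness: deploys both contracts and calls initialize() twice on each.
contract ReinitDemo {
    function run() external returns (bool unguardedOverwritten, bool guardedRejected) {
        UnguardedService u = new UnguardedService();
        u.initialize(address(0x1), "A");
        u.initialize(address(0x2), "B"); // no guard, so this second call also executes
        unguardedOverwritten = (u.locker() == address(0x2));

        GuardedService g = new GuardedService();
        g.initialize(address(0x1), "A");
        try g.initialize(address(0x2), "B") {
            guardedRejected = false; // second call went through
        } catch {
            // second call reverted and the first values are intact
            guardedRejected = (g.locker() == address(0x1));
        }
    }
}
```

Behind a proxy, the implementation contract would normally also call `_disableInitializers()` in its constructor; that is left out here so the harness can call `initialize()` on directly deployed instances.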

PlamenTSV commented 4 months ago

The code you link has the needed modifier.

Lhoussaineph commented 4 months ago

Yes, I see it, but that modifier doesn't work because it isn't imported anywhere.