Open hats-bug-reporter[bot] opened 3 days ago
You need to demonstrate how a bad actor would reinitialize an already initialized contract, otherwise the check is working fine and the contract can only be initialized once.
I think the hunter believes that those contracts are made to be deployed directly. That's not the case, they are created by the Market Factory and initialized in the same call.
Github username: --
Twitter username: --
Submission hash (on-chain): 0xf1abed6ea711730080ea3f3c25bdefcba22caf0a995bd770b03425dff5f00cb5
Severity: medium

Description:
The `Market` contract contains an `initialize` function that is intended to set up the initial state of the contract. However, this function lacks proper access control and doesn't use a standard initializer modifier. While it does include a check to prevent multiple initializations, it falls short of best practices for secure contract initialization.

This vulnerability could allow any external actor to initialize the contract, potentially setting critical parameters to malicious values. Additionally, while multiple initializations are prevented, the lack of a standard initializer modifier might lead to unexpected behaviour in more complex scenarios.
Attachments
Proof of Concept (PoC) File:
The `initialize` function is external and can be called by anyone. While it does check for previous initialization, it lacks proper access control and doesn't use a standard initializer modifier.

Revised Code File:
The revised code addresses the vulnerability by:

- `Initializable` and `OwnableUpgradeable` contracts.
- `initializer` modifier to ensure the function can only be called once.
- `__Ownable_init()` to set up ownership, providing access control.

These changes ensure that the initialization can only be performed once and only by the contract deployer or designated owner, significantly improving the contract's security posture.
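
The deployment pattern described in the reply above (the factory creates a market and initializes it in the same call), as an added sketch that is not the project's own code. `MarketSketch`, `MarketFactorySketch` and the `marketName` parameter are hypothetical, and OpenZeppelin's `Clones` library is assumed for the cloning step.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Clones} from "@openzeppelin/contracts/proxy/Clones.sol";

// Hypothetical stand-in for the Market contract; names and fields are assumptions.
contract MarketSketch {
    bool public initialized;
    address public factory;
    string public marketName;

    constructor() {
        // Runs only for the template deployment. Clones have their own storage,
        // so this locks the template without affecting them.
        initialized = true;
    }

    function initialize(string calldata _marketName) external {
        // One-time guard: any second call reverts, whoever the caller is.
        require(!initialized, "Already initialized");
        initialized = true;
        factory = msg.sender;
        marketName = _marketName;
    }
}

// Hypothetical stand-in for the Market Factory.
contract MarketFactorySketch {
    address public immutable template;
    address[] public markets;

    event MarketCreated(address indexed market);

    constructor() {
        template = address(new MarketSketch());
    }

    function createMarket(string calldata marketName) external returns (address market) {
        // Clone and initialize inside one transaction: the new market never
        // exists on-chain in an uninitialized state between two transactions.
        market = Clones.clone(template);
        MarketSketch(market).initialize(marketName);
        markets.push(market);
        emit MarketCreated(market);
    }
}
```

A test for this sketch would assert that `initialize` reverts with "Already initialized" on both the template and every address returned by `createMarket`.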