Upgradeable contracts require a storage gap to ensure that new state variables can be added without disrupting compatibility with existing deployments. Without a storage gap, the addition of new variables to the base contract could potentially overwrite those in child contracts, resulting in unintended consequences. You can find more details here : https://docs.openzeppelin.com/upgrades-plugins/1.x/writing-upgradeable"
Qeew
unlabeled
Upgradeable Contracts Have No Storage Gaps
Summary
Vulnerability Detail
Upgradeable Contracts Have No Storage Gaps
https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/core/UXDController.sol#L352
Impact
Upgradeable contracts require a storage gap to ensure that new state variables can be added without disrupting compatibility with existing deployments. Without a storage gap, the addition of new variables to the base contract could potentially overwrite those in child contracts, resulting in unintended consequences. You can find more details here : https://docs.openzeppelin.com/upgrades-plugins/1.x/writing-upgradeable"
Code Snippet
https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/core/UXDController.sol#L352
Tool used
Manual Review
Recommendation
It is recommended to include an appropriate storage gap at the end of upgradeable contracts.
uint256[50] private __gap;