Closed sherlock-admin2 closed 5 months ago
1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid because { The role is trusted and will not do what the watson has said}
Invalid, BUILDER_ROLE is a trusted entity within the protocol trusted to not be malicious
grearlake (medium)
Malicious builder can back-run to update malicious config of staking contract when deploying
Summary
Malicious builder can back-run to update malicious config of staking contract when deploying.
Vulnerability Detail
_addStakingRewardsContract uses CREATE (CREATE1) to deploy the contract. A malicious builder can update the new config of the contract by back-running in the same block, since there is no way to update the config after deployment.
Impact
Malicious builder can update the new config of the contract.
Code Snippet
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/telx/core/StakingRewardsManager.sol#L102-#L119
Tool used
Manual Review
Recommendation
Use CREATE2 with a salt.
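The recommendation above, worked through as an added example (this is illustrative code written for this page, not the Telcoin project's StakingRewardsManager or any code from the submitter). With plain CREATE the new contract's address depends only on the deployer's address and nonce, so nothing about the address commits to which bytecode or constructor arguments actually landed there. With CREATE2 the address is keccak256(0xff ++ deployer ++ salt ++ keccak256(initCode)), and initCode includes the ABI-encoded constructor arguments, so the address itself commits to the configuration; deriving the salt from that configuration as well makes the commitment explicit, and the EVM reverts if code already exists at the target address, so the slot cannot be redeployed with different parameters. The contract names, the two configuration fields and the `expected` parameter are assumptions made for this illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed stand-in for a staking rewards contract whose configuration is
// fixed at construction time and has no post-deployment setter.
contract FixedConfigRewards {
    address public immutable rewardsToken;
    uint256 public immutable rewardsDuration;

    constructor(address _rewardsToken, uint256 _rewardsDuration) {
        rewardsToken = _rewardsToken;
        rewardsDuration = _rewardsDuration;
    }
}

// Assumed deployer that uses CREATE2 so the resulting address commits to the
// intended configuration instead of to the deployer's transaction ordering.
contract DeterministicDeployer {
    event Deployed(address indexed at, bytes32 salt);

    // Salt derived from the intended configuration: any change to the
    // parameters changes the salt and therefore the deployment address.
    function configSalt(address rewardsToken, uint256 rewardsDuration)
        public pure returns (bytes32)
    {
        return keccak256(abi.encode(rewardsToken, rewardsDuration));
    }

    // Off-chain or on-chain precomputation of the CREATE2 address:
    // keccak256(0xff ++ this ++ salt ++ keccak256(creationCode ++ ctorArgs))[12:]
    function predictAddress(address rewardsToken, uint256 rewardsDuration)
        public view returns (address)
    {
        bytes32 salt = configSalt(rewardsToken, rewardsDuration);
        bytes32 initCodeHash = keccak256(
            abi.encodePacked(
                type(FixedConfigRewards).creationCode,
                abi.encode(rewardsToken, rewardsDuration)
            )
        );
        return address(uint160(uint256(keccak256(
            abi.encodePacked(bytes1(0xff), address(this), salt, initCodeHash)
        ))));
    }

    // `expected` is the address the caller computed in advance (assumed
    // parameter). A mismatch means the bytecode or constructor arguments
    // differ from what was intended, so the deployment is rejected.
    function deploy(address rewardsToken, uint256 rewardsDuration, address expected)
        external returns (address deployed)
    {
        bytes32 salt = configSalt(rewardsToken, rewardsDuration);
        // CREATE2 via the {salt: ...} option; reverts if code already exists
        // at the derived address, so the same configuration cannot be
        // redeployed with different parameters at the same address.
        deployed = address(new FixedConfigRewards{salt: salt}(rewardsToken, rewardsDuration));
        require(deployed == expected, "unexpected deployment address");
        emit Deployed(deployed, salt);
    }
}
```

A caller would compute `predictAddress(token, duration)` first (the same formula can be evaluated off-chain from the creation bytecode and arguments) and pass that value as `expected`; any other contract that wants to reference the rewards contract can do the same computation instead of trusting whatever address happened to come out of a CREATE deployment in a given block. Note that the deployer contract's own code and address are part of the computation, so a different deployer yields a different address for the same configuration.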