The Proxy Admin Owner is not able to upgrade smart contracts that sit behind a Proxy contract as stated in the Q&A.
Summary
According to the contest Q&A the proxy admin owner is a trusted role that can
Upgrade all smart contracts that sit behind a Proxy contract.
This role is not possible as there is no mechanism implemented in the protocol to enable the Proxy Admin Owner do this.
Vulnerability Detail
According to the contest Q&A the proxy admin owner is a trusted role that can
Upgrade all smart contracts that sit behind a Proxy contract.
Set the implementation contract for any dispute game type within the DisputeGameFactory.
Modify the initial bond cost for any dispute game type within the DisputeGameFactory.
Remove ETH from the DelayedWETH contract.
These roles were all implemented by the developers except that the proxy admin owner can upgrade the smart contracts that sit behind a Proxy contract.
Looking into the DisputeGameFactory contract there is no implementation or mechanism put in place for the owner to carry out this role, leading to a situation where already deployed proxies cannot be upgraded to reflect the new intentions of the proxy admin owner.
Impact
As the Proxy Admin Owner cannot upgrade the smart contracts behind the proxies, already deployed proxy contracts whose dispute games are still in progress will continue to run and resolve with previous (potentially harmful) implementations.
A mechanism to upgrade the smart contracts that sit behind a Proxy contract should be added to the factory contract, to be used by the admin when the need arises.
shealtielanz
medium
The Proxy Admin Owner is not able to upgrade smart contracts that sit behind a
Proxy contractas stated in the Q&A.Summary
According to the contest Q&A the proxy admin owner is a trusted role that can
This role is not possible as there is no mechanism implemented in the protocol to enable the Proxy Admin Owner do this.
Vulnerability Detail
According to the contest Q&A the proxy admin owner is a trusted role that can
These roles were all implemented by the developers
exceptthat the proxy admin owner can upgrade the smart contracts that sit behind aProxy contract.Looking into the
DisputeGameFactorycontract there is no implementation or mechanism put in place for the owner to carry out this role, leading to a situation where already deployed proxies cannot be upgraded to reflect the new intentions of the proxy admin owner.Impact
As the Proxy Admin Owner cannot upgrade the smart contracts behind the proxies, already deployed proxy contracts whose dispute games are still in progress will continue to run and resolve with previous (potentially harmful) implementations.
Code Snippet
https://github.com/sherlock-audit/2024-02-optimism-2024-Oxdice91/blob/a2e558a5df21c63818191a876b7137dd4274a8ff/optimism/packages/contracts-bedrock/src/dispute/DisputeGameFactory.sol#L125
Recommendation
A mechanism to upgrade the smart contracts that sit behind a Proxy contract should be added to the factory contract, to be used by the admin when the need arises.