search

sherlock-audit / 2024-02-rio-network-core-protocol-judging

4 stars 4 forks source link

KiroBrejka - [M-3] - Incorrect function overriding #43

Closed sherlock-admin4 closed 7 months ago

sherlock-admin4 commented 7 months ago

KiroBrejka

medium

[M-3] - Incorrect function overriding

Summary

RioLRT::clock and RioLRT::CLOCK_MODE should be overriding the IERC6372::clock and IERC6372::CLOCK_MODE from OpenZeppelingUpgradableContracts but both functions (IERC6372::clock and IERC6372::CLOCK_MODE) miss the virtual keyword

Vulnerability Detail

The RioLRT::clock and RioLRT::CLOCK_MODE wont be able to override the functions from ERC6372 standard

Impact

The RioLRT::clock and RioLRT::CLOCK_MODE wont update the IERC6372::clock and IERC6372::CLOCK_MODE functions because of the missing keyword

Code Snippet

RioLRT functions: https://github.com/sherlock-audit/2024-02-rio-network-core-protocol/blob/main/rio-sherlock-audit/contracts/restaking/RioLRT.sol#L80-L87

IERC6372 functions:

interface IERC6372 {
    /**
     * @dev Clock used for flagging checkpoints. Can be overridden to implement timestamp based checkpoints (and voting).
     */
    function clock() external view returns (uint48);

    /**
     * @dev Description of the clock
     */
    // solhint-disable-next-line func-name-mixedcase
    function CLOCK_MODE() external view returns (string memory);
}

Tool used

Manual Review

Recommendation

Put the virtual keyword in the IERC6372 functions

nevillehuang commented 7 months ago

Invalid, unsure what this is pointing to, no impact described