sherlock-audit / 2024-02-telcoin-platform-audit-update-judging


0xkmg - No Storage Gap for Upgradeable Contracts #52

Closed sherlock-admin2 closed 8 months ago

sherlock-admin2 commented 8 months ago

0xkmg

medium

No Storage Gap for Upgradeable Contracts

Summary

Upgradeable contracts necessitate a storage gap to ensure developers can add new state variables in future updates without affecting the storage layout of previously deployed contracts.

Vulnerability Detail

Impact

In the absence of a storage gap, there's a risk that variables in the contracts could be inadvertently overwritten by those in an updated base contract, leading to potentially severe and unintended impacts on the child contracts. This precaution helps prevent such issues, ensuring the stability and reliability of contract upgrades.

Code Snippet

adding storage gap: https://github.com/sherlock-audit/2024-02-telcoin-platform-audit-update/blob/main/telcoin-contracts/contracts/stablecoin/StablecoinHandler.sol#L51

Also consider adding storage gap here too: https://github.com/sherlock-audit/2024-02-telcoin-platform-audit-update/blob/main/telcoin-contracts/contracts/swap/AmirX.sol#L44

Tool used

Manual Review

Recommendation

Add a storage gap at the end of upgradeable contracts, as shown below.

uint256[50] private __gap;
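
The slot shift described under Impact, and how the recommended gap absorbs it, shown as an added example that is not part of the submission or of the Telcoin code base. All contract and variable names are hypothetical, and every variable is chosen to fill a whole 32-byte slot so that slots are assigned one per variable, base contract first:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical contracts for illustration; none of these names come from the audited code.
// The proxy keeps its storage across upgrades, so only the slot numbers matter.

// ---- Without a gap ----
contract BaseV1 {
    uint256 internal limit;      // slot 0
}

contract ChildV1 is BaseV1 {
    uint256 internal deposits;   // slot 1
}

// The upgrade appends one variable to the base contract.
contract BaseV2 {
    uint256 internal limit;      // slot 0
    uint256 internal fee;        // slot 1: the proxy still holds ChildV1.deposits here
}

contract ChildV2 is BaseV2 {
    uint256 internal deposits;   // slot 2: shifted, now reads a never-written (zero) slot
}

// ---- With a gap ----
contract GappedBaseV1 {
    uint256 internal limit;      // slot 0
    uint256[50] private __gap;   // slots 1..50 reserved for future base variables
}

contract GappedChildV1 is GappedBaseV1 {
    uint256 internal deposits;   // slot 51
}

// The new variable goes before the gap and the gap shrinks by the slots it uses.
contract GappedBaseV2 {
    uint256 internal limit;      // slot 0
    uint256 internal fee;        // slot 1: previously reserved, never written
    uint256[49] private __gap;   // slots 2..50
}

contract GappedChildV2 is GappedBaseV2 {
    uint256 internal deposits;   // slot 51: unchanged, existing data stays readable
}
```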

sherlock-admin4 commented 8 months ago

2 comment(s) were left on this issue during the judging contest.

WangAudit commented:

same as 49; invalid; low; falls under Sherlock's rules about future issues

takarez commented:

invalid