The use of the init constraint on the oapp_config account in the ReinitOApp function prevents reinitialization of the OApp configuration. This design flaw causes a denial of service for the protocol, as administrators cannot update critical configuration parameters after the initial setup.
Root Cause
In reinit_oapp.rs, within the ReinitOApp struct, the oapp_config account is constrained with init, which is intended for initializing new accounts:
This constraint causes the function to fail if the oapp_config account already exists, thereby preventing reinitialization of an existing configuration.
Internal pre-conditions
The oapp_config account has already been initialized.
Administrators need to update the OApp configuration by reinitializing oapp_config.
External pre-conditions
None
Attack Path
This is not exploit by an external actor but rather a vulnerability due to a design flaw.
Impact
The protocol cannot reinitialize the OApp configuration, blocking updates to essential parameters like the Admin Public Key, USDC Hash and Mint Address
PoC
No response
Mitigation
Using the init in the ReinitOApp function will not work for reinitializing an existing oapp_config account. To update the account's fields as intended, you should use mut instead.
Magic Ash Kookaburra
High
Protocol unable to reinitialize
oapp_configSummary
The use of the init constraint on the
oapp_configaccount in theReinitOAppfunction prevents reinitialization of the OApp configuration. This design flaw causes a denial of service for the protocol, as administrators cannot update critical configuration parameters after the initial setup.Root Cause
In
reinit_oapp.rs, within the ReinitOApp struct, theoapp_configaccount is constrained withinit, which is intended for initializing new accounts:https://github.com/sherlock-audit/2024-09-orderly-network-solana-contract/blob/main/solana-vault/packages/solana/contracts/programs/solana-vault/src/instructions/oapp_instr/reinit_oapp.rs#L11-L18
This constraint causes the function to fail if the
oapp_configaccount already exists, thereby preventing reinitialization of an existing configuration.Internal pre-conditions
oapp_configaccount has already been initialized.oapp_config.External pre-conditions
None
Attack Path
This is not exploit by an external actor but rather a vulnerability due to a design flaw.
Impact
The protocol cannot reinitialize the OApp configuration, blocking updates to essential parameters like the Admin Public Key, USDC Hash and Mint Address
PoC
No response
Mitigation
Using the
initin the ReinitOApp function will not work for reinitializing an existingoapp_configaccount. To update the account's fields as intended, you should usemutinstead.