search

sherlock-audit / 2024-10-ethos-network-judging

0 stars 0 forks source link

shaflow01 - The upgradeable contract lacks a gap #68

Open sherlock-admin3 opened 4 weeks ago

sherlock-admin3 commented 4 weeks ago

shaflow01

Medium

The upgradeable contract lacks a gap

Summary

The EthosAttestation, EthosDiscussion, EthosProfile, EthosReview, and EthosVote contracts are all UUPS upgradeable contracts; however, they have a complex inheritance relationship. Additionally, the contract storage does not adhere to the EIP1967 proxy storage slot standard. The lack of gaps in the storage between the underlying contracts may lead to storage conflicts during upgrades.

Root Cause

            EthosDiscussion
                 /|\ 
               /  |  \
      AccessControl  Common  UUPSUpgradeable
            |
    ------------------------------------------
    |                 |                    |
 Pausable  AccessControlEnumerable  SignatureControl

https://github.com/sherlock-audit/2024-10-ethos-network/blob/main/ethos/packages/contracts/contracts/EthosDiscussion.sol#L29C67-L29C82 For example, the inheritance of EthosDiscussion The underlying inherited contracts—AccessControl, Common, UUPSUpgradeable, SignatureControl, Pausable, and AccessControlEnumerable—lack gaps. EthosAttestation, EthosProfile, EthosReview, EthosVote have the same issue

Internal pre-conditions

None

External pre-conditions

None

Attack Path

Admin Update the contract and modify the storage.

Impact

This may lead to storage conflicts.

PoC

No response

Mitigation

add gaps to the underlying contracts.

sherlock-admin2 commented 5 days ago

The protocol team fixed this issue in the following PRs/commits: https://github.com/trust-ethos/ethos/pull/2101