search

tokamak-network / gem-nft-contract

Project Opal contract repository
MIT License
7 stars 4 forks source link

[Code review: Contract Bugs]: L1WrappedStakedTONFactory creates a contract that cannot be upgraded #30

Closed Zena-park closed 1 month ago

Zena-park commented 1 month ago

Describe the bug

Looking at the composition of the L1 contract, L1WrappedStakedTONFactory appears to be a contract that creates an L1WrappedStakedTON contract. It appears that the L1WrappedStakedTON contract was intended to be configured as a Proxy so that it can be upgraded.

If so, L1WrappedStakedTONFactory should deploy the proxy and set the logic to L1WrappedStakedTON. Currently, the contract created by L1WrappedStakedTONFactory is not a proxy configuration, so it creates a contract that cannot be upgraded.

Impact L1WrappedStakedTON contracts deployed with L1WrappedStakedTONFactory cannot be upgraded.

Exploit Scenario

Recommendation

import { Proxy } from "Proxy.sol";

/// (2)Add Logic Storage /// The logic address must be received and stored separately.

address public logicAddress ;

function setLogicAddress(address _logic) external onlyOwner { logicAddress = _logic; }

/// (3) Deploy the proxy, upgrade the logic, and initialize it.

Proxy wston = new Proxy(); wston.upgradeTo(logicAddress); wston.initialize(_depositManager, _seigManager , _layer2Address,_wton ); wston.transferOwner(_admin); // Using the Proxy's owner change function

mehdi-defiesta commented 1 month ago

Thanks @Zena-park. I switched from a custom proxy to openzeppelin UUPS. Here is L1WrappedStakedTON contract. I've updated the factory to create a new ERC1967 proxy.

mehdi-defiesta commented 1 month ago

I have assign this issue to a "LOW severity" but you can put it as a "MEDIUM" if you find it right.

Zena-park commented 1 month ago

I don't mind, thank you!

mehdi-defiesta commented 1 month ago

fixed in the following commit

Zena-park commented 1 month ago

I confirmed. Thank you.