No check in proxy factory for the data to delegatecall the distribute function on Distributor through the Proxy contract.
Summary
The data is being sent to the ProxyFactory to perform distribution of winnings on the Proxy contract by doing delegate call on Distributor. But there is no check for the data whether the data has the function selector same as the distribute function on the Distributor contract, thus this can lead to calling of any other functions and no distribution of winning takes place.
Vulnerability Details
When we are calling the function to deploy Proxy and distribute the rewards on the ProxyFactory contract, the data sent by organizer or the owner is not validated whether it is actually for calling the distribute function or not, so it can lead to calling of any other function, resulting in no distribution of winnings.
Tools Used
Foundry Unit Test
Recommendations
To add a check that the first 4 bytes of data is equal to the function selector of distribute function.
So we can compare the first 4 bytes of data with the function selector of the above distribute function and if they are not same we need to revert.
But if we upgraded our implementation and there was a different function signature for the distribute function, so to solve this issue we can create a mapping which maps implementation(distributor) contract address to its correct distribute function selector.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.