Submission Details
Severity: low
Invalid

The contract uses OpenZeppelin's UUPS (Universal Upgradeable Proxy Standard)

Summary

The contract uses OpenZeppelin's UUPS (Universal Upgradeable Proxy Standard) for upgradability. This is generally considered a secure method for contract upgradability, but it's important to ensure that the upgrade process is secure and cannot be exploited.

Vulnerability Details

Upgrades are done via the implementation contract with the help of the upgradeTo method; there is a higher risk that newer implementations exclude the upgradeTo method, which may permanently kill the ability to upgrade the smart contract. Also, this pattern is a bit more complex to implement than other proxy patterns.

Impact

Unauthorized Upgrades

Tools Used

  • slither
  • foundry

Recommendations

A hotfix was shipped in Contracts 4.3.2 and in the upgrade-safe version of the library. The fix adds an onlyProxy modifier to the UUPSUpgradeable base contract, preventing the upgrade functions from being called directly on the implementation.

```solidity
// Address of the implementation itself, fixed at deployment time.
address private immutable __self = address(this);

modifier onlyProxy() {
    // Reject direct calls: under delegatecall, address(this) is the proxy, not the implementation.
    require(address(this) != __self, "Function must be called through delegatecall");
    // Reject proxies that do not currently point at this implementation.
    require(_getImplementation() == __self, "Function must be called through active proxy");
    _;
}
```
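The following Foundry test is an added example, not part of the original submission or the audited code base. It checks the upgrade guards discussed above: the onlyProxy revert on a direct call, owner-only authorization, and rejection of a new implementation that lacks the UUPS functions. It assumes OpenZeppelin Contracts (upgradeable) 4.9.x and forge-std; VaultV1, VaultV2NoUUPS and the test names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
// Assumption: OpenZeppelin Contracts 4.9.x (upgradeTo exists) and forge-std are installed.
import {Test} from "forge-std/Test.sol";
import {ERC1967Proxy} from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.sol";
import {UUPSUpgradeable} from "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";
import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";

// Hypothetical implementation, not the audited contract.
contract VaultV1 is UUPSUpgradeable, OwnableUpgradeable {
    constructor() { _disableInitializers(); } // lock the bare implementation
    function initialize() external initializer {
        __Ownable_init(); // owner = whoever deploys the proxy
    }
    // Upgrade authorization: only the owner may change the implementation.
    function _authorizeUpgrade(address) internal override onlyOwner {}
}

// Hypothetical next version that forgot to inherit UUPSUpgradeable.
contract VaultV2NoUUPS {}

contract UUPSGuardTest is Test {
    VaultV1 impl;
    VaultV1 proxy;

    function setUp() public {
        impl = new VaultV1();
        proxy = VaultV1(address(new ERC1967Proxy(address(impl), abi.encodeCall(VaultV1.initialize, ()))));
    }

    // onlyProxy: calling upgradeTo on the implementation itself must revert.
    function test_directCallOnImplementationReverts() public {
        address next = address(new VaultV1());
        vm.expectRevert(bytes("Function must be called through delegatecall"));
        impl.upgradeTo(next);
    }

    // _authorizeUpgrade: a non-owner cannot upgrade through the proxy.
    function test_nonOwnerCannotUpgrade() public {
        address next = address(new VaultV1());
        vm.prank(address(0xBEEF)); // constructed outsider address
        vm.expectRevert();
        proxy.upgradeTo(next);
    }

    // A target without proxiableUUID() is rejected, so the proxy keeps its upgrade path.
    function test_nonUUPSImplementationRejected() public {
        address broken = address(new VaultV2NoUUPS());
        vm.expectRevert();
        proxy.upgradeTo(broken);
    }
}
```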

Updates

Lead Judging Commences

0xnevi Lead Judge
over 1 year ago
Submission Judgement Published
Invalidated
Reason: Other
