SDLPool.sol
is an upgradable contract with storage variables and it has child contracts SDLPoolPrimary.sol
and SDLPoolSecondary.sol
but does not have storage gaps implemented.
see storage gaps here: https://docs.openzeppelin.com/contracts/3.x/upgradeable#storage_gaps
SDLPool.sol
is an upgradable contract with storage variables and it has child contracts SDLPoolPrimary.sol
and SDLPoolSecondary.sol
. All are meant to be upgradeable which means new functions and storage variables can be added to the SDLPool.sol
contract. However, if a new storage variable is added to SDLPool.sol
, it will overwrite the storage of the children contract SDLPoolPrimary.sol
and SDLPoolSecondary.sol
.
When there is a need to upgrade SDLPool.sol
with a new storage variable, storage collision can occur with the child contracts SDLPoolPrimary.sol
and SDLPoolSecondary.sol
.
Manual Review
Add storage gaps to the SDLPool.sol
contract to allow easy upgrade.
Lack of storage gaps in SDLPool might impact storage of SDLPoolPrimary and SDLPoolSecondary if new storage introduced in future.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.