Submission Details
Severity:
`Laundrette::retrieveAdmin` function always reverts
Description
Laundrette::retrieveAdmin function calls the kernel.executeAction function but that function has the onlyExecutor modifier so even if the caller is godFather the msg.sender will always be Laundrette contract , reverting the call always
Impact
Laundrette::retrieveAdmin function always reverts
Proof of Concept
PoC: Retrieve Reverts
function test_RetrieveAdmin() public {
vm.prank(godFather);
vm.expectRevert();
laundrette.retrieveAdmin();
}
The test above gives this output
[19297] LaundretteTest::test_RetrieveAdmin()
├─ [0] VM::prank(God Father: [0xe166Ae83c3384a19498Ae0674706988DD2797489])
│ └─ ← [Return]
├─ [0] VM::expectRevert(custom error f4844814:)
│ └─ ← [Return]
├─ [8735] Laundrette::retrieveAdmin()
│ ├─ [2393] Kernel::executor() [staticcall]
│ │ └─ ← [Return] God Father: [0xe166Ae83c3384a19498Ae0674706988DD2797489]
│ ├─ [649] Kernel::executeAction(5, God Father: [0xe166Ae83c3384a19498Ae0674706988DD2797489])
│ │ └─ ← [Revert] Kernel_OnlyExecutor(0xD76ffbd1eFF76C510C3a509fE22864688aC3A588)
│ └─ ← [Revert] Kernel_OnlyExecutor(0xD76ffbd1eFF76C510C3a509fE22864688aC3A588)
└─ ← [Stop]
Recommended Mitigation
godFather can directly call the Kernel::executeAction function to change the admin hence Laundrette::retrieveAdmin function can be safely removed.
Updates
Lead Judging Commences
n0kto over 1 year ago
Submission Judgement Published Assigned finding tags:
`retrieveAdmin` not working
Rewards breakdown
nSLOC
205This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.