Submission Details
Severity: low
Valid

Unusable `retrieveAdmin` Function Due to `onlyExecutor` Modifier

Summary

The Laundrette::retrieveAdmin function is designed to call the executeAction function in the Kernel contract, but it will always revert due to the onlyExecutor modifier on the executeAction function.

Vulnerability Details

The Laundrette::retrieveAdmin function attempts to change the admin address of the Kernel contract by calling executeAction. However, executeAction has the onlyExecutor modifier, which means that only the executor address set in the Kernel contract can successfully call it.

The deployer script sets the Laundrette contract as the Kernel's admin, not its executor.

Since the Laundrette contract is not the executor, calling the retrieveAdmin function from any address will always revert with the Kernel_OnlyExecutor error.

PoC

No matter who calls Laundrette::retrieveAdmin, it always reverts with "Kernel_OnlyExecutor".

Test written with Foundry:

```solidity
function test_retrieveAdmin() public {
    // Arbitrary address with no role in the Kernel
    vm.startPrank(makeAddr("bob"));
    vm.expectRevert();
    laundrette.retrieveAdmin();
    vm.stopPrank();

    // The Kernel's executor
    vm.startPrank(kernel.executor());
    vm.expectRevert();
    laundrette.retrieveAdmin();
    vm.stopPrank();

    // The Kernel's admin
    vm.startPrank(kernel.admin());
    vm.expectRevert();
    laundrette.retrieveAdmin();
    vm.stopPrank();
}
```

Impact

The Laundrette::retrieveAdmin function is effectively unusable and will always revert, as it attempts to call a function (executeAction) that it does not have permission to call.

Tools Used

Foundry

Recommendations

Remove the retrieveAdmin function, or set the Laundrette contract as the executor.
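
The revert and the second recommendation, reduced to a self-contained model (an added example, not the audited contracts). `MiniKernel`, `MiniLaundrette`, `Demo`, the helper setters, the one-argument `executeAction`, the error argument and the new admin value passed by `retrieveAdmin` are all assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Simplified model (added example, not the audited contracts). Only the names
// Kernel_OnlyExecutor, onlyExecutor, executeAction, executor, admin and
// retrieveAdmin come from the report; everything else is assumed.
contract MiniKernel {
    error Kernel_OnlyExecutor(address caller); // error argument is an assumption
    address public executor = msg.sender;
    address public admin = msg.sender;

    modifier onlyExecutor() {
        // msg.sender is the immediate caller: the contract that forwarded the call
        if (msg.sender != executor) revert Kernel_OnlyExecutor(msg.sender);
        _;
    }

    // Reduced signature (assumption): the only action modelled is "change admin"
    function executeAction(address newAdmin) external onlyExecutor { admin = newAdmin; }

    // Hypothetical helpers standing in for the deployer script
    function setAdmin(address a) external onlyExecutor { admin = a; }
    function setExecutor(address e) external onlyExecutor { executor = e; }
}

contract MiniLaundrette {
    MiniKernel public immutable kernel;
    constructor(MiniKernel k) { kernel = k; }

    function retrieveAdmin() external {
        // In the kernel, msg.sender == address(this), whoever called retrieveAdmin
        kernel.executeAction(kernel.executor()); // new admin value is an assumption
    }
}

contract Demo {
    // First call is made while the Laundrette is only admin, second once it is executor
    function run() external returns (bool revertedAsAdmin, bool succeededAsExecutor) {
        MiniKernel k = new MiniKernel();        // Demo is executor and admin
        MiniLaundrette l = new MiniLaundrette(k);
        k.setAdmin(address(l));                 // state described in the report
        try l.retrieveAdmin() {} catch { revertedAsAdmin = true; }
        k.setExecutor(address(l));              // second recommendation applied
        try l.retrieveAdmin() { succeededAsExecutor = true; } catch {}
    }
}
```

Because the modifier compares against the forwarding contract rather than the original caller, pranking as the executor or the admin in the PoC cannot change the outcome.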

Updates

Lead Judging Commences

n0kto Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

`retrieveAdmin` not working
