First Flight #16: Mafia Takedown

First Flight #16

Beginner FriendlyDeFiFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: low

Valid

`Laundrette::retrieveAdmin` Does Not Work Cause Only Executor Can Call `Kernel::executeAction`

4rdiii

[M-1] `Laundrette::retrieveAdmin` Does Not Work Cause Only Executor Can Call `Kernel::executeAction`

Description:
The retrieveAdmin function aims to allow the godfather to change the kernel admin, potentially terminating the Laundrette contract. However, this function is ineffective because it relies on Laundrette having the ability to call Kernel::executeAction, which is restricted to kernel.executor() alone.
Laundrette::retrieveAdmin:

function retrieveAdmin() external {

@> kernel.executeAction(Actions.ChangeAdmin, kernel.executor());

}

Kernel::executeAction:

@> function executeAction(Actions action_, address target_) external onlyExecutor {

}

Impact:
Despite being unusable due to the restriction (Kernel_OnlyExecutor()), this limitation is manageable because the godfather already possesses the executor role, enabling them to bypass this function and directly call executeAction on Kernel.

Proof of Concept:
Include this test in Laundrette.t.sol to demonstrate the issue:

function test_retrieveAdmin() public {

vm.prank(godFather);

vm.expectRevert(abi.encodeWithSelector(Kernel_OnlyExecutor.selector, address(laundrette)));

laundrette.retrieveAdmin();

// instead godfather can call this to become admin

vm.prank(godFather);

kernel.executeAction(Actions.ChangeAdmin, godFather);

assertEq(kernel.admin(), godFather);

}

Recommended Mitigation:
Given that the godfather already holds the executor role, the retrieveAdmin function becomes redundant. Its removal simplifies the contract's interface without compromising functionality.

- function retrieveAdmin() external {

- kernel.executeAction(Actions.ChangeAdmin, kernel.executor());

- }

Updates

Lead Judging Commences

n0kto Lead Judge about 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

`retrieveAdmin` not working

Rewards breakdown

nSLOC

205

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.