NFTBridge
60,000 USDC
Submission Details
Severity: low
Valid

Implementation contract left uninitialized and can be initialized

Vulnerability Details

The Bridge contract is deployed behind an ERC1967 proxy, with the Bridge contract itself as the implementation. Checking the Bridge implementation shows that it is left uninitialized, so anyone can call its initializer directly on the implementation address.

This allows anyone to initialize the implementation contract and take ownership of it.

Recommendations

Prevent the implementation contract from being initialized. This can be done by marking address(0) as already initialized in the constructor: on the bare implementation the ERC1967 implementation slot is empty, so the init guard implemented by the team resolves the implementation address to address(0), and the initializer then reverts when called on the implementation while still working when called through a proxy.
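The following Foundry test is an added example, not Starklane's code and not part of the original submission. It reproduces both the finding and the recommended fix on a simplified stand-in for the project's init guard: `InitGuard`, `VulnerableBridge`, `FixedBridge` and `MinimalProxy` are assumed shapes that mirror the `_initializedImpls` mapping and the `_getImplementation()` slot read the recommendation relies on, not the real `UUPSOwnableProxied`. The first test shows an attacker initializing the bare implementation and becoming its owner; the second shows that marking address(0) in the constructor makes that direct call revert while the same implementation still initializes correctly behind a proxy.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (assumes forge-std is installed); not the project's own code.
import "forge-std/Test.sol";

// Simplified stand-in for the init guard in UUPSOwnableProxied (assumed shape).
abstract contract InitGuard {
    // ERC1967 implementation slot: bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1)
    bytes32 internal constant IMPL_SLOT =
        0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;

    mapping(address => bool) internal _initializedImpls;

    function _getImplementation() internal view returns (address impl) {
        assembly { impl := sload(IMPL_SLOT) }
    }

    // On the bare implementation the slot is empty, so impl == address(0) here.
    modifier onlyInit() {
        address impl = _getImplementation();
        require(!_initializedImpls[impl], "Already init");
        _initializedImpls[impl] = true;
        _;
    }
}

// Vulnerable: nothing stops initialize() from being called on the implementation itself.
contract VulnerableBridge is InitGuard {
    address public owner;
    function initialize(address owner_) external onlyInit { owner = owner_; }
}

// Fixed: address(0) is pre-marked, which is what the guard resolves to when called directly.
contract FixedBridge is InitGuard {
    address public owner;
    constructor() { _initializedImpls[address(0)] = true; }
    function initialize(address owner_) external onlyInit { owner = owner_; }
}

// Minimal ERC1967-style proxy, enough to show the fixed implementation still initializes behind one.
contract MinimalProxy {
    bytes32 internal constant IMPL_SLOT =
        0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;

    constructor(address impl, bytes memory initData) {
        assembly { sstore(IMPL_SLOT, impl) }
        (bool ok, ) = impl.delegatecall(initData);
        require(ok, "init failed");
    }

    fallback() external payable {
        assembly {
            let impl := sload(IMPL_SLOT)
            calldatacopy(0, 0, calldatasize())
            let ok := delegatecall(gas(), impl, 0, calldatasize(), 0, 0)
            returndatacopy(0, 0, returndatasize())
            switch ok
            case 0 { revert(0, returndatasize()) }
            default { return(0, returndatasize()) }
        }
    }
}

contract ImplInitTest is Test {
    address attacker = makeAddr("attacker");
    address ark = makeAddr("ark");

    // Finding: anyone can initialize the bare implementation and own it.
    function test_vulnerable_impl_can_be_initialized_by_anyone() public {
        VulnerableBridge impl = new VulnerableBridge();
        vm.prank(attacker);
        impl.initialize(attacker);
        assertEq(impl.owner(), attacker);
    }

    // Fix: direct init reverts, proxied init still works.
    function test_fixed_impl_rejects_direct_init_but_works_behind_proxy() public {
        FixedBridge impl = new FixedBridge();
        vm.expectRevert(bytes("Already init"));
        vm.prank(attacker);
        impl.initialize(attacker);

        MinimalProxy proxy = new MinimalProxy(
            address(impl), abi.encodeCall(FixedBridge.initialize, (ark))
        );
        assertEq(FixedBridge(address(proxy)).owner(), ark);
    }
}
```

Run with `forge test --match-contract ImplInitTest -vv`. The point the second test makes is the one that matters for review: the fix keys on address(0) only because the guard reads the ERC1967 slot, so a guard that tracked initialization any other way would need a different constructor-time lock.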

diff --git a/apps/blockchain/ethereum/src/Bridge.sol b/apps/blockchain/ethereum/src/Bridge.sol
index e62c7ce..b4d5175 100644
--- a/apps/blockchain/ethereum/src/Bridge.sol
+++ b/apps/blockchain/ethereum/src/Bridge.sol
@@ -35,6 +35,9 @@ contract Starklane is IStarklaneEvent, UUPSOwnableProxied, StarklaneState, Stark
bool _enabled;
bool _whiteListEnabled;
+ constructor() {
+ _initializedImpls[address(0)] = true;
+ }
/**
@notice Initializes the implementation, only callable once.
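Review bot: the constructor added at `+ constructor() {` sets `_initializedImpls[address(0)] = true;` with no comment explaining that address(0) is what the init guard reads as the implementation when the contract is called directly rather than through the proxy; without that, a later maintainer can reasonably mistake the line for a no-op and delete it, so add a one-line comment above it. Also, `_initializedImpls` is not declared in this hunk, so it must live in a base such as the `UUPSOwnableProxied` listed in the hunk header; if so, the constructor belongs in that base so every implementation inheriting the guard gets the protection, not only `Starklane`.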
Updates

Lead Judging Commences

n0kto Lead Judge 9 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-initialize-on-implementation

Likelihood: Low/Medium. Impact: Very low, the attacker can at most run the protocol on their side and lead a phishing campaign with an address deployed by Ark.
