When we are bridging Tokens L1<->L2
if the NFT collection in the source chain has no address on the destination chain, we are deploying new ERC721 NFT collection addresses and attaching them.
When deploying we are making the Collection upgradable, where we can change the implementation of that NFT collection if needed.
Since ERC1967 makes the Proxy admin is the sender, so the Bridge is the only address that can upgrade the Collection implementation.
The issue is that no method exists in our L1Bridge
contract to upgrade the NFT collection implementation in L1
. However, if we checked the L2Bridge
we will find that upgrading an NFT collection is a supported thing and intended.
As we can see in L2Bridge
there is a function collection_upgrade
which takes the NFT collection address and calls upgrade
, which will allow upgrading the created NFT collection implementation if needed.
This will result in the inability to upgrade NFT collections that was deployed on L1
if needed.
Bridge is active
Tokens are Bridge L1<->L2
There are new collections created on L1
and attached to original collections on L2
There are new collections created on L2
and attached to original collections on L1
The admin decided to upgrade some collections created on L1
and L2
The admin will be able to upgrade L2
collections but will not be able to upgrade L1
collections
Inability to upgrade Created NFT collections on L1
Manual Review
Implement a function to upgrade the NFT collection on L1Bridge
, the same as that in L2Bridge
.
NOTE: This Mitigation is not tested, so it may be implemented correctly.
Likelyhood/Impact: High, it will never (until an upgrade) be able to update or transfer the ownership of any collections created on L1.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.