The ModuleManager contract in the Nexus suite manages various modules, including validators, executors, hooks, and fallback handlers. Each module has specific roles and is managed through a linked list structure provided by the SentinelListLib.
Executor Modules: These are crucial for executing operations on behalf of the account. Each function that performs critical actions is protected by the onlyExecutorModule modifier, ensuring that only authorized executor modules can invoke these functions.
The primary concern is the potential issue arising from the removal of the last executor. If there are no executor modules left, critical functions cannot be executed, leading to a potentially locked or unusable contract state.
onlyExecutorModule Modifier:
modifier onlyExecutorModule() virtual {
    require(_getAccountStorage().executors.contains(msg.sender), InvalidModule(msg.sender));
    _;
}
This modifier ensures that only addresses present in the executors list can execute the protected functions.
If no executor remains in the list, any function requiring onlyExecutorModule will revert, making those functionalities inaccessible.
function _uninstallExecutor(address executor, bytes calldata data) internal virtual {
    (address prev, bytes memory disableModuleData) = abi.decode(data, (address, bytes));
    _getAccountStorage().executors.pop(prev, executor);
    IExecutor(executor).onUninstall(disableModuleData);
}
Removes an executor module from the list and de-initializes it.
There is no check to ensure at least one executor remains installed.
Loss of Functionality:
If the last executor is removed, all functions protected by the onlyExecutorModule modifier become unusable, leading to a locked contract state where critical operations cannot be performed.
System Security:
Without any executor, the system might be vulnerable to exploits or malfunction as it cannot enforce the intended execution control.
Manual Analysis
Ensure Minimum One Executor:
Modify the _uninstallExecutor function to include a check ensuring that at least one executor remains installed.
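The recommended guard, shown as an added example (not code from the Nexus repository): a stand-alone contract keeps executors in a sentinel-headed linked list of the same shape as the one described above and reverts when the entry being removed is the only one left. The contract name, the owner check, and the CannotRemoveLastExecutor error are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example: stand-alone stand-in for the executor list, not Nexus or SentinelListLib code.
contract ExecutorListGuard {
    address internal constant SENTINEL = address(0x1);
    address public immutable owner;                // assumption: a single admin for the demo
    mapping(address => address) internal next;     // SENTINEL -> e1 -> e2 -> ... -> SENTINEL

    error InvalidModule(address module);
    error NotOwner();
    error CannotRemoveLastExecutor();              // hypothetical error name

    constructor(address firstExecutor) {
        owner = msg.sender;
        next[SENTINEL] = SENTINEL;                 // empty list points back at the sentinel
        _install(firstExecutor);
    }

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    function contains(address executor) public view returns (bool) {
        return executor != SENTINEL && next[executor] != address(0);
    }

    function install(address executor) external onlyOwner { _install(executor); }

    // Same calling shape as _uninstallExecutor: the caller supplies the previous entry.
    function uninstall(address prev, address executor) external onlyOwner {
        if (!contains(executor) || next[prev] != executor) revert InvalidModule(executor);
        // executor is the only entry exactly when the sentinel is both before and after it.
        if (prev == SENTINEL && next[executor] == SENTINEL) revert CannotRemoveLastExecutor();
        next[prev] = next[executor];
        next[executor] = address(0);
        // A real account would call IExecutor(executor).onUninstall(...) here, as on the page.
    }

    function _install(address executor) internal {
        if (executor == address(0) || executor == SENTINEL || contains(executor)) {
            revert InvalidModule(executor);
        }
        next[executor] = next[SENTINEL];
        next[SENTINEL] = executor;
    }
}
```

The last-entry test needs no counter: once `next[prev] == executor` is verified, the list holds a single executor only if both neighbours are the sentinel.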
Invalid, known issue: > Validator management > - A Nexus Smart Account could be locked forever if the owner installs a validator in the wrong way and does remove all other valid validators