DeFiFoundry
60,000 USDC
Submission Details
Severity: low
Invalid

Lack of Access Control on Critical Deployment Function

Summary

A critical vulnerability exists in the DeployPerpsEngine contract due to the absence of access controls on the run function. This flaw allows any user to deploy contracts, posing significant risks including unauthorized usage and potential system abuse. Furthermore, the contract relies on external configuration variables without proper validation, which can be manipulated to alter the contract's behavior.

Vulnerability Details

  • Unrestricted Access to run Function: The run function is declared public, so any user can invoke it. This function performs the deployment of the AccountNFT and PerpsEngine contracts, which should only be done by authorized entities.

  • Unvalidated External Configuration: The contract uses environment variables such as IS_TESTNET and USDZ_ADDRESS without verifying their correctness or security. These variables play a crucial role in the deployment process, and incorrect values can lead to undesirable outcomes.

  • Potential Exposure of Sensitive Data: During the initialization of the PerpsEngine, certain parameters might include sensitive data. If not handled securely, this could result in data leakage or unauthorized access.

Impact

  • Unauthorized Contract Deployments: By allowing anyone to call the run function, there is a risk of unauthorized contract deployments. This can lead to unintended actions or resource depletion.

  • Risk from Misconfigured Settings: Using unvalidated external configuration can make the system vulnerable to attacks or cause it to operate in unintended ways.

  • Security Risk from Sensitive Data: Improper handling of sensitive data during initialization can expose the system to security breaches.

Tools Used

  • Manual code inspection

  • Security-focused static analysis tools Mythril and Slither

Recommendations

  1. Implement Access Control: Restrict who can call the run function, ideally limiting it to a trusted owner or administrator. Use patterns like onlyOwner to enforce this control.

  2. Validate Configuration Inputs: Ensure that environment variables and other external inputs are validated and sanitized before use. This helps prevent misconfigurations and potential security issues.

  3. Secure Initialization: Handle sensitive data carefully during contract initialization. Ensure that all data is securely stored and managed, reducing the risk of exposure.

  4. Remove Debugging Code: Remove any debugging or logging code, such as console.log statements, from production contracts to prevent unintended information disclosure.

Addressing these vulnerabilities will significantly enhance the security of the contract and prevent potential misuse or exploitation.
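A checked version of recommendations 1 and 2, as an added example that is not the project's own DeployPerpsEngine script: it reads IS_TESTNET and USDZ_ADDRESS through Foundry cheatcodes and reverts before anything is broadcast if the values are inconsistent with the connected chain. The DEPLOYER variable, the list of production chain ids and the contract name are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import { Script } from "forge-std/Script.sol";

/// Added example, not the project's DeployPerpsEngine: a deploy script that
/// fails fast on bad IS_TESTNET / USDZ_ADDRESS configuration before broadcasting.
contract DeployPerpsEngineChecked is Script {
    struct DeployConfig {
        bool isTestnet;
        address usdz;
    }

    error UsdzNotAContract(address usdz);
    error NetworkFlagMismatch(bool isTestnet, uint256 chainId);
    error UnexpectedDeployer(address actual, address expected);

    /// Chain ids treated as production here (assumption for the example:
    /// Ethereum mainnet and Arbitrum One); everything else counts as a testnet.
    function isProductionChain(uint256 chainId) internal pure returns (bool) {
        return chainId == 1 || chainId == 42161;
    }

    /// Reads and validates configuration; reverts instead of deploying against
    /// a placeholder token address or with the wrong network flag.
    function loadConfig() internal view returns (DeployConfig memory cfg) {
        cfg.isTestnet = vm.envBool("IS_TESTNET");
        cfg.usdz = vm.envAddress("USDZ_ADDRESS");

        // USDZ must be a deployed contract, not an EOA or the zero address.
        if (cfg.usdz.code.length == 0) revert UsdzNotAContract(cfg.usdz);

        // IS_TESTNET must agree with the chain forge is actually connected to.
        if (cfg.isTestnet == isProductionChain(block.chainid)) {
            revert NetworkFlagMismatch(cfg.isTestnet, block.chainid);
        }
    }

    function run() external {
        DeployConfig memory cfg = loadConfig();

        // Only the configured deployer key may broadcast (DEPLOYER is a hypothetical env var).
        address expected = vm.envAddress("DEPLOYER");
        if (msg.sender != expected) revert UnexpectedDeployer(msg.sender, expected);

        vm.startBroadcast(expected);
        // The project's own deployments (AccountNFT, PerpsEngine) follow here, using cfg.usdz.
        vm.stopBroadcast();
    }
}
```

Running the script with `forge script` against a fork of the target chain exercises the checks without sending transactions, since every revert happens before the broadcast section.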

Updates

Lead Judging Commences

inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope
