Zaros Part 1
Zaros
DeFiFoundry
60,000 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

Future upgrades can corrput storage due to using nested structs

spearmint

Summary

Future upgrades can corrupt storage due to using nested structs

Vulnerability Details

The protocol currently has many libraries with nested structs for example in MarketConfiguration.sol

The issue arises when adding a state variable to the inner struct, this will corrupt the data stored after it in the parent struct

Impact

corrupted state post upgrade

Tools Used

Manual Review

Recommendations

The trick to using inner structs and still enable them to be extended is to put them in a mapping. A struct stored in a mapping can be extended in upgrades.

For example in MarketConfiguration.sol

Replace

struct Data {
...
...
OrderFees.Data orderFees;
...
...

With

mapping(uint256 => OrderFees.Data) orderFees;

Access it using a constant:

uint256 constant ORDER_FEES_CONSTANT = 0;
// Accessing the value
OrderFees.Data storage orderFee = orderFees[ORDER_FEES_CONSTANT];

In this way, if there is a need to extend the inner structure in future upgrades, it can be done without the risk of overwriting existing state variables.

Updates

Lead Judging Commences

inallhonesty Lead Judge
over 1 year ago
inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.