Tadle
Tadle
DeFiFoundry
27,750 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

The `Rescuable::initializeOwnership` function can be frontrun.

x0rc1ph3r

Summary

The Recuable::initializeOwnership function in the smart contract lacks proper access control mechanisms. This vulnerability allows any user to potentially frontrun the function, resulting in killing the contract.

Vulnerability Details

The vulnerability is located in the initializeOwnership function, defined as follows:

function initializeOwnership(address _newOwner) external {
if (owner() != address(0x0)) {
revert AlreadyInitialized();
}
_transferOwnership(_newOwner);
}

This function in implemented in all the core contracts CapitalPool, DeliveryPlace, PreMarkets, SystemConfig, TokenManager. Anyone can frontrun the function call and as a result, when deployUpgradeableProxy is called, the initializeOwnership function will be called internally and it will be reverted with error AlreadyInitialized().

Impact

The funds used to deploy the contract will be lost, before setting it as a proxy in TadleFactory.

Tools Used

  • Manual code review

Recommended Mitigation

To mitigate this vulnerability, it is essential to implement proper access control mechanisms. Also consider passing the owner address into the constructor instead of a function.

Updates

Lead Judging Commences

0xnevi Lead Judge
12 months ago
0xnevi Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

[invalid] finding-Rescuable-initializeOwner-lack-access-control

Aside from `Rescuable.sol` being OOS, this is invalid based on codehawks guidelines regarding unprotected initializers. Additionally, this should be called concurrently when deploying a new proxy, but this submissions does not identify that particular issue of an uninitialized owner for proxy contracts

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.