Liquid Staking
Stakelink
DeFiHardhatOracle
50,000 USDC
View results
Previous Next
Submission Details
Severity: low
Valid

Incorrect reinitializer version used

bladesec

Summary

In OperatorVCS and OperatorVault contracts, version 3 is used as reinitialization, which is incorrect.
Currently deployed contracts have version 3 already so reinitialization will revert.

Vulnerability Details

Here's code snippets of initialize function of OperatorVCS and OperatorVault contracts:

// OperatorVault
function initialize(
address _token,
address _vaultController,
address _stakeController,
address _rewardsController,
address _pfAlertsController,
address _operator,
address _rewardsReceiver
) public reinitializer(3) {
...
}
// OperatorVCS
function initialize(
address _token,
address _stakingPool,
address _stakeController,
address _vaultImplementation,
Fee[] memory _fees,
uint256 _maxDepositSizeBP,
uint256 _vaultMaxDeposits,
uint256 _operatorRewardPercentage,
address _vaultDepositController
) public reinitializer(3) {
...
}

As shown from the snippet, it uses reinitializer(3) to set current version to 3.
However, currently deployed contracts of VCS and Vault contracts have version 3.
As a result, reinitialization reverts

Impact

  • Failure of contracts upgrade

Tools Used

Manual Review

Recommendations

Use another version, probably 4.

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Some contracts will not be initialized due to an incorrect `reinitializer` versions used

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.