GivingThanks::updateRegistry lacks access control, allowing any user to call this function and modify the registry address. This exposes the contract to a security risk where malicious actors could redirect funds or change registry settings without authorization.
Without access control, anyone can alter the registry address, potentially pointing it to a malicious contract. This would allow attackers to intercept or misdirect funds intended for verified charities, leading to a significant loss of trust and potential financial damage.
Original updateRegistry function:
Potential Attack:
An attacker could call updateRegistry with an address they control.
This would enable the attacker to replace the legitimate registry with a malicious one, allowing unauthorized control over donation funds.
Restrict access to updateRegistry with an access control mechanism, such as the onlyOwner modifier from OpenZeppelin's Ownable contract. This makes the function callable only by the contract owner, ensuring authorized control over the registry.
Mitigated Code Example:
By using onlyOwner, only the contract owner has permission to update the registry, safeguarding the contract’s functionality.
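The unprotected pattern and the onlyOwner fix described above, as an added example that is not the contest's own code. The contract names, the ZeroRegistry error and the RegistryUpdated event are hypothetical, the registry is stored as a plain address, and OpenZeppelin Contracts v5.x is assumed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumption: OpenZeppelin Contracts v5.x, where Ownable takes the initial
// owner as a constructor argument.
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";

// Hypothetical stand-in for the unprotected pattern the finding describes.
contract RegistryPointerUnprotected {
    address public registry;

    constructor(address _registry) {
        registry = _registry;
    }

    // No modifier and no msg.sender check: every caller can repoint the registry.
    function updateRegistry(address _registry) public {
        registry = _registry;
    }
}

// Hypothetical hardened form: same state, but only the owner can change it.
contract RegistryPointerOwned is Ownable {
    address public registry;

    error ZeroRegistry();
    event RegistryUpdated(
        address indexed previousRegistry,
        address indexed newRegistry,
        address indexed caller
    );

    // The deployer becomes the owner; the initial registry must be non-zero.
    constructor(address _registry) Ownable(msg.sender) {
        if (_registry == address(0)) revert ZeroRegistry();
        registry = _registry;
    }

    // onlyOwner reverts for any caller other than owner().
    function updateRegistry(address _registry) external onlyOwner {
        if (_registry == address(0)) revert ZeroRegistry();
        // Emit before the write so the event carries both old and new values.
        emit RegistryUpdated(registry, _registry, msg.sender);
        registry = _registry;
    }
}
```

The event gives off-chain monitoring a signal for every registry change. Under OpenZeppelin v5, a call from a non-owner reverts with OwnableUnauthorizedAccount.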
Likelihood: High, anyone can change it at any time.
Impact: High, can bypass the verification process.