The updateRegistry function in the GivingThanks contract allows any caller to update the registry address. Without access control, unauthorized users can change the registry to a malicious address, potentially compromising the contract’s integrity.
The updateRegistry function currently lacks any restriction on who can call it, allowing any address to modify the registry variable:
This can lead to unauthorized changes in the registry, permitting unverified addresses to act as the registry, bypassing proper verification processes. This creates a significant security risk, especially for a function with control over core contract dependencies.
Loss of Contract Integrity: An attacker can set registry to a malicious address, bypassing charity verification and enabling unauthorized or fraudulent transactions.
Potential Loss of Funds: By updating the registry, attackers may redirect funds intended for verified charities to unverified or malicious addresses.
Manual Review
Add an onlyOwner or equivalent check to restrict the updateRegistry function to the contract owner:
This simple access control measure will ensure only the designated owner can update the registry address, safeguarding the integrity of the contract’s operations.
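The unrestricted setter next to an owner-gated version, as an added example that is not the GivingThanks source. The `owner` state variable, the `_registry` parameter name, the `address` type of `registry`, and the contract names with suffixes are assumptions; the zero-address check and the event go beyond the recommendation above and are included as common hardening for a privileged setter.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative "before": any caller can repoint the registry.
contract GivingThanksUnrestricted {
    address public registry; // assumed type; the page only calls it an address

    function updateRegistry(address _registry) public {
        registry = _registry; // no check on msg.sender
    }
}

// Illustrative "after": only the owner can repoint the registry.
contract GivingThanksRestricted {
    address public owner;    // assumed name for the privileged account
    address public registry;

    error NotOwner();
    error ZeroAddress();

    // Emitted on every change so off-chain monitoring can alert on it.
    event RegistryUpdated(address indexed oldRegistry, address indexed newRegistry);

    constructor(address _registry) {
        if (_registry == address(0)) revert ZeroAddress();
        owner = msg.sender;
        registry = _registry;
    }

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    function updateRegistry(address _registry) external onlyOwner {
        // Extra hardening beyond the recommendation: reject the zero address.
        if (_registry == address(0)) revert ZeroAddress();
        emit RegistryUpdated(registry, _registry);
        registry = _registry;
    }
}
```

A unit test for the fix should call `updateRegistry` from a non-owner account and assert that the call reverts and `registry` is unchanged.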
Likelihood: High, anyone can change it at any time
Impact: High, can bypass the verification process