Project: One World (NFTDeFi, 15,000 USDC)
Submission Details
Severity: high
Judgement: Invalid

Attacker can change the contract admin even without any role

Summary

An attacker can use executeMetaTransaction(), present in the NativeMetaTransaction contract, to change the admin role of the MembershipERC1155 implementation contract.

Vulnerability Details

An attacker can call the public function executeMetaTransaction() to invoke the implementation contract and change its roles. The implementation contract will believe the call originates from the Factory contract and therefore allow it, because the default admin role is granted to the Factory contract.

https://github.com/Cyfrin/2024-11-one-world/blob/1e872c7ab393c380010a507398d4b4caca1ae32b/contracts/meta-transaction/NativeMetaTransaction.sol#L33

https://github.com/Cyfrin/2024-11-one-world/blob/1e872c7ab393c380010a507398d4b4caca1ae32b/contracts/meta-transaction/NativeMetaTransaction.sol#L40

Impact

An attacker can become the admin of the implementation contract.

Tools Used

Manual Review

Recommendations

Add an access-role restriction to the function below in the NativeMetaTransaction contract so that it cannot be called by an outsider:

executeMetaTransaction()

Updates

Lead Judging Commences

0xbrivan2 Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
