The MembershipFactory contract includes an extremely powerful callExternalContract function that allows the EXTERNAL_CALLER role to execute arbitrary calls to any contract with any parameters. This design creates a critical vulnerability: the holder of that role can manipulate any aspect of any DAO in the protocol, including draining funds, burning memberships, or modifying core functionality. The function essentially acts as a "master key" to the entire protocol, contradicting fundamental principles of decentralization and security.
Treasury Security:
Admin can withdraw any tokens
Can redirect member payments
No fund safety
Membership Control:
Can burn any tokens
Can modify balances
No member protection
DAO Integrity:
Complete admin control
No decentralization
No member governance
Tools Used:
Manual Review
Recommended Mitigation:
Remove the unrestricted arbitrary-call capability
Replace it with narrowly scoped admin functions, each performing one specific action
Add a timelock for critical operations
Require member voting before privileged actions take effect
Put the admin role behind a multisig
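The vulnerable shape described above next to a hardened version that applies the allowlist, timelock and governance recommendations. This is an added illustration, not the project's MembershipFactory code; the function signature, the EXTERNAL_CALLER role name and the use of OpenZeppelin AccessControl are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";

// Vulnerable shape (assumed, illustrative): one role may call any target with any calldata.
contract UnrestrictedCaller is AccessControl {
    bytes32 public constant EXTERNAL_CALLER = keccak256("EXTERNAL_CALLER");

    constructor(address admin) {
        _grantRole(DEFAULT_ADMIN_ROLE, admin);
        _grantRole(EXTERNAL_CALLER, admin);
    }

    // Equivalent to handing the role holder the keys of every DAO in the protocol.
    function callExternalContract(address target, bytes calldata data)
        external onlyRole(EXTERNAL_CALLER) returns (bytes memory)
    {
        (bool ok, bytes memory ret) = target.call(data);
        require(ok, "call failed");
        return ret;
    }
}

// Hardened shape: governance allowlists (target, selector) pairs; calls are scheduled, then executed after DELAY.
contract RestrictedCaller is AccessControl {
    bytes32 public constant EXTERNAL_CALLER = keccak256("EXTERNAL_CALLER");
    uint256 public constant DELAY = 2 days;
    mapping(address => mapping(bytes4 => bool)) public allowed; // target => selector => permitted
    mapping(bytes32 => uint256) public readyAt;                 // call id => earliest execution time

    // DEFAULT_ADMIN_ROLE is meant to be a governance/multisig address, not an EOA.
    constructor(address governance) { _grantRole(DEFAULT_ADMIN_ROLE, governance); }

    function setAllowed(address target, bytes4 selector, bool ok) external onlyRole(DEFAULT_ADMIN_ROLE) {
        allowed[target][selector] = ok;
    }

    function schedule(address target, bytes calldata data) external onlyRole(EXTERNAL_CALLER) {
        require(data.length >= 4 && allowed[target][bytes4(data[:4])], "target/selector not allowed");
        readyAt[keccak256(abi.encode(target, data))] = block.timestamp + DELAY;
    }

    function execute(address target, bytes calldata data) external onlyRole(EXTERNAL_CALLER) returns (bytes memory) {
        bytes32 id = keccak256(abi.encode(target, data));
        require(readyAt[id] != 0 && block.timestamp >= readyAt[id], "not scheduled or still delayed");
        delete readyAt[id]; // each scheduled call can be executed only once
        (bool ok, bytes memory ret) = target.call(data);
        require(ok, "call failed");
        return ret;
    }
}
```

The scheduled call id covers the full calldata, so members can inspect exactly what will execute during the delay window and governance can revoke the allowlist entry before it runs.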