QuantAMM
49,600 OP
Submission Details
Severity: medium
Valid

In `UpliftOnlyExample`, Immutable `UpdateWeightRunner` Address Prevents Seamless Contract Migration

Summary

The immutable `_updateWeightRunner` address causes overhead during migration to new `UpdateWeightRunner` contracts, forcing admins to maintain fee configurations across multiple deprecated contracts to support existing `UpliftOnlyExample` hooks.

Vulnerability Details

When `_updateWeightRunner` is set as immutable in `UpliftOnlyExample`, hooks created with older `UpdateWeightRunner` contracts cannot be updated to point to newer versions. This creates a fragmented system where:

  1. New hooks use the latest `UpdateWeightRunner`

  2. Old hooks remain tied to deprecated `UpdateWeightRunner` contracts

  3. Admins must maintain fee configurations across all versions to ensure consistent behavior, since this is the only use of `_updateWeightRunner` besides retrieving the admin address

Impact

  • Increased operational complexity for admins managing multiple `UpdateWeightRunner` instances

  • Risk of inconsistent fee structures across different hook generations

Tools Used

Manual review

Recommendations

  • Remove the immutable modifier and implement an upgradeable pattern:

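```solidity
// Runner address is mutable so existing hooks can be repointed.
address private _updateWeightRunner;

event UpdateWeightRunnerChanged(address newRunner);

// Owner-only: point this hook at a new UpdateWeightRunner.
function setUpdateWeightRunner(address newRunner) external onlyOwner {
    _updateWeightRunner = newRunner;
    emit UpdateWeightRunnerChanged(newRunner);
}
```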
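
The setter recommended above, extended with the checks a migration would need before an existing hook is repointed. This is an added example, not code from the submission or from the QuantAMM code base; `MigratableHookSketch`, `IRunnerLike`, its `upliftFeeTake()` and `admin()` functions, and the in-contract `owner` are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed minimal view of the runner (hypothetical names, not the project's ABI):
// the finding says the hook only reads fee settings and the admin address from it.
interface IRunnerLike {
    function upliftFeeTake() external view returns (uint256);
    function admin() external view returns (address);
}

contract MigratableHookSketch {
    address public owner; // stand-in for the hook's existing onlyOwner access control
    address private _updateWeightRunner; // mutable instead of immutable

    event UpdateWeightRunnerChanged(address indexed oldRunner, address indexed newRunner);

    error NotOwner();
    error InvalidRunner(address runner);

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    constructor(address runner) {
        owner = msg.sender;
        _setRunner(runner);
    }

    function setUpdateWeightRunner(address newRunner) external onlyOwner {
        _setRunner(newRunner);
    }

    function _setRunner(address newRunner) private {
        // Reject the zero address, non-contracts, and a no-op "migration".
        if (newRunner.code.length == 0 || newRunner == _updateWeightRunner) {
            revert InvalidRunner(newRunner);
        }
        // Probe the two reads the hook depends on; a wrong target reverts here
        // rather than on the next user interaction.
        IRunnerLike(newRunner).upliftFeeTake();
        if (IRunnerLike(newRunner).admin() == address(0)) revert InvalidRunner(newRunner);
        address oldRunner = _updateWeightRunner;
        _updateWeightRunner = newRunner;
        emit UpdateWeightRunnerChanged(oldRunner, newRunner);
    }
}
```

A mutable runner pointer shifts trust to whoever holds `owner`, since that account can now change where the hook reads its fee configuration and admin address. The indexed old and new addresses in the event let monitoring flag every repoint.
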
Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
Assigned finding tags:

invalid_immutable_oracles/variables

Appeal created

n0kto Lead Judge 10 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding_immutable_updateWeightRunner_in_uplift_lead_to_old_data

Likelihood: Low, when `updateWeightRunner` needs a hotfix. Impact: High, need to redeploy the pool.
