Missing reentrancy guard initialization in keeperproxy.sol
Title
Missing reentrancy guard initialization in KeeperProxy
Summary
Initialization of the ReentrancyGuardUpgradeable is missing in KeeperProxy.sol.
Vulnerability Details
The KeeperProxy contract doesn't properly set up the ReentrancyGuardUpgradeable from OpenZeppelin. This happens because the __ReentrancyGuard_init() function isn't called during initialization.
It is noted that the reentrancy guard was not actually used in the contract, but it is still recommended to initialize it to avoid potential future issues.
Impact
Not high impact, but still recommended to fix.
Tools Used
Manual Review
Recommendations
Add a call to __ReentrancyGuard_init() in the initialize() function of KeeperProxy or remove the reentrancy guard from the contract.
Lead Judging Commences
Informational or Gas
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Informational or Gas
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.