Incorrect Import Path for IDataStore Interface
[M-02] Incorrect Import Path for IDataStore Interface
Description
The PerpetualVault contract uses an incorrect import path for the IDataStore interface. While the contract compiles successfully, this could lead to interface mismatch issues and potential runtime errors if the wrong interface version is used.
Impact
MEDIUM - Potential runtime errors
Could call wrong interface methods
May miss critical interface updates
Potential for silent failures
Affects contract upgradability
Proof of Concept
Current implementation:
The correct path should be:
Root Cause
The issue stems from:
Incorrect relative path in imports
Missing package reference
No version control on interface imports
Recommendations
Short Term
Update import paths to use correct package references:
Long Term
Implement strict interface versioning
Add compile-time interface checks
Consider using Interface Registry pattern
Add automated import path verification in CI
Risk Assessment
Impact Analysis
Technical: Medium (interface mismatch)
Scope: Core contract functionality
Complexity: Low (configuration issue)
Affected Components
Contract imports
Interface definitions
Contract upgrades
Protocol integrations
Timeline
Found: February 20, 2025
Reported: February 21, 2025
Fixed: Pending
Lead Judging Commences
Informational or Gas
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.