Liquidity Management
Gamma
DeFiFoundry
50,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

The `sequencerUptimeFeed` is hardcoded in the contract and cannot be changed.

saurabh_singh

Summary

The value of sequencerUptimeFeed is hardcoded and cannot be changed afterward.

Vulnerability Details

In the initialize function, the value of sequencerUptimeFeed is set, and there is no other function in the contract to change it in the future since initialize can only be called once and the address is hardcoded.

function initialize() external initializer {
__Ownable2Step_init();
@>> sequencerUptimeFeed = AggregatorV2V3Interface(0xFdB631F5EE196F0ed6FAa767959853A9F217697D);
}

https://github.com/CodeHawks-Contests/2025-02-gamma/blob/84b9da452fc84762378481fa39b4087b10bab5e0/contracts/KeeperProxy.sol#L48

Impact

The value of sequencerUptimeFeed cannot be changed in the future.

Tools Used

Manual Review

Recommendations

  1. make a function to allow owner to change the sequencerUptimeFeed value.

Updates

Lead Judging Commences

n0kto Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational or Gas

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.