Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Invalid

Several contracts lack an updating mechanism.

Summary

BaseGauge.sol defines many critical variables, particularly token addresses and contract addresses, which are only set once. There are no functions allowing the contract owner (or any other entity the contract defines for operating critical functions) to update these references. Consequently, if one or more of these addresses turns out to be deprecated, invalid or compromised, there is no mechanism to change it. Similarly, if immutable addresses need to change (e.g., due to an upgrade or security issues), there is no built-in function to do so.

Vulnerability Details

1. The RAACToken, veRAACToken and RAACNFT addresses are declared as public immutable, meaning:

  • They are set once during contract deployment (in the constructor).

  • They cannot be modified after deployment.

  • This design choice is efficient for gas usage but lacks flexibility for adapting to changes in external dependencies.

2. Potential Scenarios Requiring Address Updates

The RAACToken, veRAACToken and RAACNFT contract addresses might change in the following situations:

  1. Upgrades and Optimizations:

  • If, for some reason, a new version of RAACToken, veRAACToken or RAACNFT is released with improved features, optimizations, or bug fixes.

  • The old contract is deprecated, and the owner needs to migrate to the new address.

  2. Critical Bug Fixes:

  • A critical vulnerability is discovered in any of the above contracts, requiring a patched version with a new address.

  3. Chain-Specific Deployments:

  • The contract is deployed on multiple chains, where the RAACToken and veRAACToken addresses may differ from chain to chain. If the contract is not redeployed with the correct address, it will fail to function on the new chain.

Code locations of the immutable RAACToken reference: FeeCollector.sol::SLOC#50, BoostController.sol::SLOC#26, RAACMinter.sol::SLOC#24, RAACReleaseOrchestrator.sol::SLOC#24, veRAACToken.sol::SLOC#95

Code locations of the immutable veRAACToken reference: FeeCollector.sol::SLOC#51, GaugeController.sol::SLOC#56, Governance.sol::SLOC#34

Code location of the immutable RAACNFT reference: LendingPool.sol::SLOC#52

Impact

If any of these addresses changes, the contracts will continue to interact with the old address. This may force the entire system to rely on an unsafe or useless contract indefinitely, or require a full contract migration.

Tools Used

  • Manual Review

Recommended Mitigation

  • Provide functions to update RAACToken, veRAACToken or any other contract address if necessary. These can be restricted through onlyOwner or a more robust governance mechanism to prevent unauthorized changes.
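As an added illustration of the recommended mitigation (not code from the RAAC protocol or this submission): a hypothetical gauge whose token references are mutable, but only through a two-step, time-delayed owner action, so that a single compromised key cannot swap a dependency instantly. It assumes OpenZeppelin v5 `Ownable`; the `raacToken`/`veRaacToken` names and the 2-day delay are illustrative.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";

/// Hypothetical gauge showing the pattern the finding recommends:
/// token references are updatable, but only via a proposed change
/// that becomes applicable after a delay, and only to a deployed contract.
contract UpdatableGauge is Ownable {
    uint256 public constant UPDATE_DELAY = 2 days;
    IERC20 public raacToken;
    IERC20 public veRaacToken;

    // Pending change per slot: the new address and when it may be applied.
    struct Pending { address newAddr; uint64 effectiveAt; }
    mapping(bytes32 => Pending) public pending;
    bytes32 public constant RAAC_SLOT = keccak256("raacToken");
    bytes32 public constant VERAAC_SLOT = keccak256("veRaacToken");

    event AddressUpdateProposed(bytes32 indexed slot, address newAddr, uint64 effectiveAt);
    event AddressUpdated(bytes32 indexed slot, address oldAddr, address newAddr);

    constructor(address _raac, address _veRaac) Ownable(msg.sender) {
        require(_raac != address(0) && _veRaac != address(0), "zero address");
        raacToken = IERC20(_raac);
        veRaacToken = IERC20(_veRaac);
    }

    /// Step 1: owner (or a governance contract holding ownership) proposes a replacement.
    function proposeAddress(bytes32 slot, address newAddr) external onlyOwner {
        require(slot == RAAC_SLOT || slot == VERAAC_SLOT, "unknown slot");
        require(newAddr != address(0) && newAddr.code.length > 0, "not a contract");
        uint64 effectiveAt = uint64(block.timestamp + UPDATE_DELAY);
        pending[slot] = Pending(newAddr, effectiveAt);
        emit AddressUpdateProposed(slot, newAddr, effectiveAt);
    }

    /// Step 2: anyone may apply once the delay has elapsed, giving users time to review or exit.
    function applyAddress(bytes32 slot) external {
        Pending memory p = pending[slot];
        require(p.newAddr != address(0), "nothing pending");
        require(block.timestamp >= p.effectiveAt, "delay not elapsed");
        delete pending[slot];
        address old;
        if (slot == RAAC_SLOT) { old = address(raacToken); raacToken = IERC20(p.newAddr); }
        else { old = address(veRaacToken); veRaacToken = IERC20(p.newAddr); }
        emit AddressUpdated(slot, old, p.newAddr);
    }
}
```

The emitted events give off-chain monitoring a clear signal for every proposed and applied change, which is the main detection hook such a setter should provide.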

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
