Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: high
Status: Invalid

Unauthorized Initialization in `StabilityPool` due to Lack of Access Control

Summary

Context: StabilityPool.sol#L77

The `initialize` function of the `StabilityPool` contract can be called by any address. According to the provided deployment script, the contract is deployed directly rather than behind a proxy, so deployment and initialization happen in two separate transactions. In the window between them, anyone who observes the deployment transaction can call `initialize` first and choose the addresses the pool will trust, which lets an attacker control the contract's configuration from the moment it is live.

Vulnerability Details

The `initialize` function sets critical contract parameters, including the addresses of the tokens and other contracts the pool interacts with. It carries no access control, so the first address to call it after deployment decides those values. Because the deployment method in the provided script does not use a proxy, there is no constructor-time initialization call to close this window. Specifically:

  • The function has no caller restriction, so an attacker can front-run the deployer's own `initialize` transaction and set the parameters before the legitimate team does.

  • Sensitive parameters, such as the token and external contract addresses, can therefore be set by an unauthorized party. Whether the function can also be called a second time depends on whether line 77 is guarded by an initializer check; either way, the first caller controls the configuration.

Impact

  • Security Risk: An attacker who wins the race to `initialize` can point the pool at attacker-controlled token or contract addresses. If the hijacked instance is then wired into the rest of the system, this can lead to theft of funds or unexpected behavior.

  • Unauthorized Access: Any user can perform the initialization, so the team cannot rely on the deployed address being configured as intended. If the front-run is noticed, the contract has to be redeployed at the cost of gas; the damage occurs only when the compromised instance is used without that check.

Tools Used

Manual review

Recommendations

  • Initialize Atomically: Deploy behind a proxy and pass the `initialize` calldata to the proxy constructor, or otherwise perform deployment and initialization in a single transaction, so that no uninitialized instance is ever observable on chain.

  • Add Access Control: Restrict `initialize` to a trusted caller (for example the deployer address recorded in the constructor, or an `onlyOwner` check) and make sure it can run only once via an initializer guard.
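The following is an added illustration written for this report, not the audited project's code. It shows the unprotected shape described above beside two hardened variants: one for a plain (non-proxy) deployment that restricts `initialize` to the deployer recorded in the constructor, and one that deploys an ERC1967 proxy and initializes it in the same transaction. The contract and variable names (`UnprotectedPool`, `GuardedPool`, `UpgradeablePool`, `AtomicDeployer`, `token`, `manager`) are hypothetical, and the OpenZeppelin import paths are assumed to match a current release of the library.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example for this report, not the audited StabilityPool code.
// All contract and variable names below are hypothetical.
// Assumed OpenZeppelin import paths (adjust to the installed version).
import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
import {ERC1967Proxy} from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.sol";

/// Vulnerable shape: deployed directly, initialized in a later transaction.
/// Anyone who sees the deployment can call initialize() first and pick the
/// addresses the pool will trust. The initializer guard only stops a second
/// call; it does nothing about who makes the first one.
contract UnprotectedPool is Initializable {
    address public token;
    address public manager;

    function initialize(address _token, address _manager) external initializer {
        token = _token;
        manager = _manager;
    }
}

/// Hardened shape for a plain deployment: the deploying address is recorded
/// immutably in the constructor and is the only caller allowed to initialize.
/// A front-runner's transaction reverts instead of capturing the configuration.
contract GuardedPool is Initializable {
    address public immutable deployer;
    address public token;
    address public manager;

    error NotDeployer(address caller);

    constructor() {
        deployer = msg.sender;
    }

    function initialize(address _token, address _manager) external initializer {
        if (msg.sender != deployer) revert NotDeployer(msg.sender);
        token = _token;
        manager = _manager;
    }
}

/// Hardened shape for a proxy deployment: the implementation disables its own
/// initializers so the logic contract can never be initialized directly; only
/// a proxy delegating to it (with its own storage) can run initialize().
contract UpgradeablePool is Initializable {
    address public token;
    address public manager;

    constructor() {
        _disableInitializers();
    }

    function initialize(address _token, address _manager) external initializer {
        token = _token;
        manager = _manager;
    }
}

/// Deploys the implementation and the proxy and initializes the proxy in one
/// transaction. The initialize calldata is passed to the ERC1967Proxy
/// constructor, so there is never an observable uninitialized instance.
contract AtomicDeployer {
    event Deployed(address implementation, address proxy);

    function deploy(address _token, address _manager) external returns (address proxy) {
        UpgradeablePool impl = new UpgradeablePool();
        bytes memory initData = abi.encodeCall(UpgradeablePool.initialize, (_token, _manager));
        proxy = address(new ERC1967Proxy(address(impl), initData));
        emit Deployed(address(impl), proxy);
    }
}
```

With `GuardedPool`, a front-run `initialize` from any address other than the deployer reverts with `NotDeployer`, and the `initializer` modifier still prevents a second call by the deployer. With `AtomicDeployer`, the deployment script only needs to call `deploy(token, manager)`; both the proxy creation and its initialization land in that single transaction, which is the property the two recommendations above are aiming for.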

Updates

Lead Judging Commences

inallhonesty Lead Judge 3 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
