Eggstravaganza

First Flight #37
Beginner Friendly, Solidity
Severity: high
Invalid

`Vault Owner` is able to change NFT contract at any time

Summary

The Vault Owner is able to change the NFT contract at any time using EggVault::setEggNFT, allowing for potential breach of trust.

Vulnerability Details

Allowing the Vault Owner to change the NFT contract at any time, without emitting an event to alert Players, may lead to potential breaches of trust. For example, the Vault Owner may change the NFT contract to one with a different implementation of `transferFrom` which will call back into `EggVault::withdrawEgg` to exploit lack of re-entrancy guards.

Impact

Protocol broken by Vault Owner.

Tools Used

Manual review.

Recommendations

The Player should be informed of the change in NFT contract by an event:

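```solidity
/// @notice Emitted when the owner points the vault at a different NFT contract.
/// Declared at contract level so that the `emit` below compiles.
event ContractNFTChanged();

/// @notice Set the NFT contract address.
function setEggNFT(address _eggNFTAddress) external onlyOwner {
    require(_eggNFTAddress != address(0), "Invalid NFT address");
    eggNFT = EggstravaganzaNFT(_eggNFTAddress);
    emit ContractNFTChanged();
}
```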

Exploitation in this case may also have been prevented by adding a nonReentrant modifier to the function call.
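
As an added illustration (not code from this submission or from the contest repository), the sketch below combines the two recommendations: the setter emits an event carrying the previous and new NFT addresses, and the functions that call into the NFT contract hold a re-entrancy lock. The contract name, the `IEggNFT` interface, the `depositorOf` mapping, the `EggNFTChanged` event and the function signatures are assumptions made for the example.

```solidity
pragma solidity ^0.8.20;

// Minimal token interface; only the call the vault makes is declared.
interface IEggNFT {
    function transferFrom(address from, address to, uint256 tokenId) external;
}

// Hypothetical sketch, not the contest's EggVault: storage layout and
// function signatures are assumptions made for illustration.
contract GuardedEggVault {
    address public immutable owner;
    IEggNFT public eggNFT;
    mapping(uint256 => address) public depositorOf; // assumed bookkeeping
    bool private locked;

    // Carries both addresses so off-chain monitors can flag the swap.
    event EggNFTChanged(address indexed previousNFT, address indexed newNFT);

    modifier onlyOwner() { require(msg.sender == owner, "Not owner"); _; }

    // Rejects a call that arrives while a guarded function is still running,
    // including a callback made from inside the token's transferFrom.
    modifier nonReentrant() {
        require(!locked, "Reentrant call");
        locked = true;
        _;
        locked = false;
    }

    constructor() { owner = msg.sender; }

    function setEggNFT(address _eggNFTAddress) external onlyOwner {
        require(_eggNFTAddress != address(0), "Invalid NFT address");
        emit EggNFTChanged(address(eggNFT), _eggNFTAddress);
        eggNFT = IEggNFT(_eggNFTAddress);
    }

    function depositEgg(uint256 tokenId) external nonReentrant {
        require(depositorOf[tokenId] == address(0), "Already deposited");
        depositorOf[tokenId] = msg.sender;
        eggNFT.transferFrom(msg.sender, address(this), tokenId);
    }

    function withdrawEgg(uint256 tokenId) external nonReentrant {
        require(depositorOf[tokenId] == msg.sender, "Not the depositor");
        delete depositorOf[tokenId]; // state cleared before the external call
        eggNFT.transferFrom(address(this), msg.sender, tokenId);
    }
}
```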

Updates

Lead Judging Commences

m3dython Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
Assigned finding tags:

Trusted Owner

Owner is trusted and is not expected to interact in ways that would compromise security
