Hawk High

First Flight #39
Beginner Friendly, Solidity
Submission Details
Severity: medium
Valid

LevelOne::schoolFees at storage slot 1 is replaced by LevelTwo::sessionEnd at slot 1, which could override the school fees set initially

Summary

Inconsistent storage layouts between upgradeable contract versions can leave the wrong value at a storage slot. LevelOne::schoolFees is stored at storage slot 1 and can be replaced or misinterpreted as a different value after the upgrade to the LevelTwo contract, which stores sessionEnd at storage slot 1.

Vulnerability Details

In the LevelOne contract, the variable LevelOne::schoolFees is at slot 1:

address principal;
bool inSession;
@> uint256 schoolFees;

In the LevelTwo contract, the storage variable at slot 1 is replaced by the LevelTwo::sessionEnd variable:

address principal;
bool inSession;
@> uint256 public sessionEnd;

Impact

School fees set in the LevelOne contract could potentially be overwritten on contract upgrade, resulting in an incorrect figure or amount.

Tools Used

Manual Review

Recommendations

To mitigate this problem, there are a few measures the protocol can take:

  1. Consider adding the schoolFees variable to the LevelTwo contract, keeping the storage variables consistent across both contracts.

  2. Consider using OpenZeppelin reserved storage slots, which allow contracts to leave a gap in storage.
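
A storage-layout check for the two excerpts above, as an added example (not code from the submission or from the Hawk High repository). It models only the three value types shown in the excerpts, and `LEVEL_TWO_FIXED` is an assumed layout that follows recommendation 1.

```python
# Added example: byte sizes of the value types that appear in the excerpts.
SIZES = {"address": 20, "bool": 1, "uint256": 32}

# Declaration order as shown in the finding (only the variables quoted there).
LEVEL_ONE = [("address", "principal"), ("bool", "inSession"),
             ("uint256", "schoolFees")]
LEVEL_TWO = [("address", "principal"), ("bool", "inSession"),
             ("uint256", "sessionEnd")]
# Assumed fix per recommendation 1: keep schoolFees, append new state after it.
LEVEL_TWO_FIXED = LEVEL_ONE + [("uint256", "sessionEnd")]


def layout(variables):
    """Assign (slot, offset) to each (type, name) pair using Solidity's
    packing rule for value types: fill a 32-byte slot in declaration order
    and start a new slot when the next variable does not fit."""
    slot, offset, out = 0, 0, []
    for typ, name in variables:
        size = SIZES[typ]
        if offset + size > 32:
            slot, offset = slot + 1, 0
        out.append({"name": name, "type": typ, "slot": slot, "offset": offset})
        offset += size
    return out


def collisions(old_vars, new_vars):
    """Return (slot, old_name, new_name) for every old variable whose
    position holds a different name or type in the new implementation.
    A pure rename is also reported, so the result needs a human look."""
    new_at = {(v["slot"], v["offset"]): v for v in layout(new_vars)}
    found = []
    for v in layout(old_vars):
        n = new_at.get((v["slot"], v["offset"]))
        if n is None or (n["name"], n["type"]) != (v["name"], v["type"]):
            found.append((v["slot"], v["name"], n["name"] if n else None))
    return found


if __name__ == "__main__":
    for v in layout(LEVEL_ONE):
        print("LevelOne", v)
    print("LevelOne -> LevelTwo:", collisions(LEVEL_ONE, LEVEL_TWO))
    print("LevelOne -> fixed:   ", collisions(LEVEL_ONE, LEVEL_TWO_FIXED))
```

Running the same comparison in CI before each upgrade catches a reordered or dropped state variable before the proxy is pointed at the new implementation.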

Updates

Lead Judging Commences

yeahchibyke Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

storage collision
