Submission Details
Severity:
Missing UUPS Upgrade Logic in graduateAndUpgrade Function
Summary
The graduateAndUpgrade function in LevelOne.sol lacks proper UUPS upgrade implementation, despite being designed to upgrade students to LevelTwo.
Vulnerability Details
function graduateAndUpgrade(address _levelTwo, bytes memory) public onlyPrincipal {
if (_levelTwo == address(0)) {
revert HH__ZeroAddress();
}
uint256 totalTeachers = listOfTeachers.length;
uint256 payPerTeacher = (bursary * TEACHER_WAGE) / PRECISION;
uint256 principalPay = (bursary * PRINCIPAL_WAGE) / PRECISION;
_authorizeUpgrade(_levelTwo);
// Lack of any upgrade logic
for (uint256 n = 0; n < totalTeachers; n++) {
usdc.safeTransfer(listOfTeachers[n], payPerTeacher);
}
usdc.safeTransfer(principal, principalPay);
}
Missing proper state transfer to the new implementation
No proper initialization of the new contract
Students' data and progress could be lost during upgrade
No proper handling of the upgrade process
Impact
High: This vulnerability:
Could lead to loss of student data during upgrades
Makes the upgrade process unreliable
Tools Used
Manual code review
Recommendations
Implement proper upgrade logic in graduateAndUpgrade
Updates
Lead Judging Commences
yeahchibyke 29 days ago
Submission Judgement Published Assigned finding tags:
failed upgrade
The system doesn't implement UUPS properly.
Rewards breakdown
nSLOC
243This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.