Hawk High

First Flight #39
Beginner Friendly, Solidity
Submission Details
Severity: high
Valid

The contract is not actually upgraded in LevelOne::graduateAndUpgrade

Summary

The contract is never upgraded to LevelTwo.

Vulnerability Details

Function LevelOne::graduateAndUpgrade is used to upgrade the contract. In particular, it is used in the upgrade script GraduateToLevelTwo.s.sol. Here is the function LevelOne::graduateAndUpgrade:

    function graduateAndUpgrade(address _levelTwo, bytes memory) public onlyPrincipal {
        if (_levelTwo == address(0)) {
            revert HH__ZeroAddress();
        }
        uint256 totalTeachers = listOfTeachers.length;
        uint256 payPerTeacher = (bursary * TEACHER_WAGE) / PRECISION;
        uint256 principalPay = (bursary * PRINCIPAL_WAGE) / PRECISION;
        _authorizeUpgrade(_levelTwo);
        for (uint256 n = 0; n < totalTeachers; n++) {
            usdc.safeTransfer(listOfTeachers[n], payPerTeacher);
        }
        usdc.safeTransfer(principal, principalPay);
    }

This function never calls UUPSUpgradeable::upgradeTo or UUPSUpgradeable::upgradeToAndCall, which are the functions that actually upgrade the contract. It only calls _authorizeUpgrade, which exists to check permissions. As a result, the function checks permissions but does not upgrade the contract.

Impact

The contract is never upgraded to LevelTwo.

Tools Used

Manual review

Recommendations

Call UUPSUpgradeable::upgradeTo to upgrade the contract.
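
An added example, not code from the submission or from the Hawk High repository: a Foundry regression test that reads the proxy's ERC-1967 implementation slot to show that calling only the permission hook leaves the implementation unchanged, while upgradeToAndCall replaces it. SchoolV1, SchoolV2, graduateBroken and graduateFixed are constructed stand-ins for LevelOne and LevelTwo, and the import paths assume forge-std and OpenZeppelin Contracts are installed with these remappings.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";
import {ERC1967Proxy} from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.sol";
import {UUPSUpgradeable} from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";

// Constructed stand-in for LevelOne: only the upgrade path is modelled.
contract SchoolV1 is UUPSUpgradeable {
    // Permission hook; access control omitted in this stand-in.
    function _authorizeUpgrade(address) internal override {}

    // Same shape as the reported bug: runs the hook, never writes the slot.
    function graduateBroken(address next) external {
        _authorizeUpgrade(next);
    }

    // Corrected shape: upgradeToAndCall runs the hook itself, then upgrades.
    function graduateFixed(address next, bytes memory data) external {
        upgradeToAndCall(next, data);
    }
}

// Constructed stand-in for LevelTwo.
contract SchoolV2 is SchoolV1 {
    function version() external pure returns (uint256) { return 2; }
}

contract UpgradeSlotTest is Test {
    // ERC-1967 implementation slot: keccak256("eip1967.proxy.implementation") - 1
    bytes32 constant IMPL_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;

    function implOf(address proxy) internal view returns (address) {
        return address(uint160(uint256(vm.load(proxy, IMPL_SLOT))));
    }

    function test_onlyUpgradeToAndCallChangesImplementation() public {
        address v1 = address(new SchoolV1());
        address v2 = address(new SchoolV2());
        address proxy = address(new ERC1967Proxy(v1, ""));

        SchoolV1(proxy).graduateBroken(v2);
        assertEq(implOf(proxy), v1); // hook alone: proxy still points at V1

        SchoolV1(proxy).graduateFixed(v2, "");
        assertEq(implOf(proxy), v2); // slot now holds the new implementation
        assertEq(SchoolV2(proxy).version(), 2);
    }
}
```

The same slot check can be pointed at the real proxy after running GraduateToLevelTwo.s.sol to confirm whether the upgrade took effect.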

Updates

Lead Judging Commences

yeahchibyke Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

failed upgrade

The system doesn't implement UUPS properly.
