Skip to content

Latest commit

 

History

History
46 lines (36 loc) · 1.73 KB

043.md

File metadata and controls

46 lines (36 loc) · 1.73 KB

Odd Tartan Gerbil

Medium

Incomplete Constructor Initialization for VaultV2Deployer Contract

Summary:

The missing initialization of state variables in the constructor will cause unexpected behavior for the contract users as the contract functions will attempt to use uninitialized addresses.

Root Cause:

In vaultV2Deployer.sol:30, the constructor parameters are not being assigned to their corresponding state variables.

Internal Pre-conditions:

  1. Admin needs to deploy the contract without initializing the state variables for addresses like numa, lstAddress, pricefeed, and uptimefeed.

External Pre-conditions:

  1. No external conditions required for this issue to manifest.

Attack Path:

  1. An attacker calls a function that depends on uninitialized addresses.
  2. The contract functions fail or behave unexpectedly because the required addresses are not set.

Impact:

The affected party (contract users) suffer from unexpected contract behavior due to uninitialized addresses.

PoC:

Numa/contracts/deployment/vaultV2Deployer.sol

// vaultV2Deployer.sol:30
constructor(
    address _vaultFeeReceiver,
    address _vaultRwdReceiver,
    uint128 _lstHeartbeat,
    address _numaAddress,
    address _lstAddress,
    address _pricefeedAddress,
    address _uptimeAddress
) {
    vaultFeeReceiver = _vaultFeeReceiver;
    vaultRwdReceiver = _vaultRwdReceiver;
    lstHeartbeat = _lstHeartbeat;
}

Mitigation:

Ensure constructor assigns parameters to their respective state variables to prevent uninitialized addresses.