Platform: Code4rena
Start Date: 04/01/2023
Pot Size: $60,500 USDC
Total HM: 15
Participants: 105
Period: 5 days
Judge: gzeon
Total Solo HM: 1
Id: 200
League: ETH
Rank: 68/105
Findings: 1
Award: $44.83
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0x52
Also found by: 0xSmartContract, Deivitto, Diana, IllIllI, Koolex, Rolezn, SleepingBugs, V_B, adriro, betweenETHlines, cryptostellar5, oyc_109, peanuts
44.8261 USDC - $44.83
https://github.com/code-423n4/2023-01-biconomy/blob/721e2afb493d8bc0bc9488b84eaf2deb14c8b43f/scw-contracts/contracts/smart-contract-wallet/SmartAccount.sol#L27 https://github.com/code-423n4/2023-01-biconomy/blob/7b02ebfcebbf79e6df65ee30efa347cffd28ebcd/scw-contracts/contracts/smart-contract-wallet/aa-4337/samples/SimpleAccount.sol#L9
Based on the context and comments in the code, the SimpleAccount.sol and SmartAccount.sol contract is designed to be deployed as an upgradeable proxy contract.
However, the current implementation is using an non-upgradeable version of the Initializable library: @openzeppelin/contracts/proxy/utils/Initializable.sol instead of the upgradeable version: @openzeppelin/contracts-upgradeable/contracts/proxy/utils/Initializable.sol
https://github.com/code-423n4/2023-01-biconomy/blob/721e2afb493d8bc0bc9488b84eaf2deb14c8b43f/scw-contracts/contracts/smart-contract-wallet/SmartAccount.sol#L27 https://github.com/code-423n4/2023-01-biconomy/blob/7b02ebfcebbf79e6df65ee30efa347cffd28ebcd/scw-contracts/contracts/smart-contract-wallet/aa-4337/samples/SimpleAccount.sol#L9
Use the upgradeable version
#0 - c4-judge
2023-01-17T15:51:25Z
gzeon-c4 marked the issue as duplicate of #352
#1 - livingrockrises
2023-01-19T18:10:18Z
there isn't difference in non-upgradeable and upgradeable version mentioned by the warden
https://www.diffchecker.com/WKtI1akM/
appreciate a discussion
#2 - c4-sponsor
2023-02-07T09:27:21Z
livingrockrises marked the issue as sponsor acknowledged
#3 - c4-judge
2023-02-10T12:36:39Z
gzeon-c4 marked the issue as satisfactory