Platform: Code4rena
Start Date: 18/10/2023
Pot Size: $36,500 USDC
Total HM: 17
Participants: 77
Period: 7 days
Judge: MiloTruck
Total Solo HM: 5
Id: 297
League: ETH
Rank: 64/77
Findings: 1
Award: $22.00
π Selected for report: 0
π Solo Findings: 0
Judge has assessed an item in Issue #193 as 2 risk. The relevant finding follows:
Missing functions in the BasicActions to reach ODSafeManager Description Both functions allowing other users and handlers to manage the safe are restricted with access control. Only callable by the owner of the safe which is the ODproxy, the protocol has already set up a catalogue of actions in the BasicActions.sol contract however this one is missing the functionalities to reachallowSAFE, allowHandler and protectSAFE in the ODSafeManager contract. To perform these actions the user will have to deploy a contract that call the ODSafeManager contract and fire calls to the allowSAFE, allowHandler and protectSAFE functions so that the ODproxy can make delegate calls through them.
Links https://github.com/open-dollar/od-contracts/blob/f4f0246bb26277249c1d5afe6201d4d9096e52e6/src/contracts/proxies/ODSafeManager.sol#L249-L253 https://github.com/open-dollar/od-contracts/blob/f4f0246bb26277249c1d5afe6201d4d9096e52e6/src/contracts/proxies/ODSafeManager.sol#L112-L115 https://github.com/open-dollar/od-contracts/blob/f4f0246bb26277249c1d5afe6201d4d9096e52e6/src/contracts/proxies/ODSafeManager.sol#L105-L109
Fix For the userβs sake it would be more convenient for him if there are functions in BasicActions that call directly these functions in ODSafeManager.
#0 - c4-judge
2023-11-03T17:03:36Z
MiloTruck marked the issue as duplicate of #294
#1 - c4-judge
2023-11-03T17:03:42Z
MiloTruck marked the issue as partial-50
#2 - c4-judge
2023-11-08T00:24:18Z
MiloTruck marked the issue as satisfactory