Brahma - bronze_pickaxe's results

Brahma Console is a custody and DeFi execution environment.

General Information

Platform: Code4rena

Start Date: 13/10/2023

Pot Size: $31,250 USDC

Total HM: 4

Participants: 51

Period: 7 days

Judge: 0xsomeone

Id: 295

League: ETH

Brahma

Findings Distribution

Researcher Performance

Rank: 2/51

Findings: 1

Award: $3,025.06

🌟 Selected for report: 1

🚀 Solo Findings: 0

Findings Information

🌟 Selected for report: bronze_pickaxe

Also found by: imare

Labels

bug
2 (Med Risk)
downgraded by judge
primary issue
satisfactory
selected for report
sponsor confirmed
sufficient quality report
M-01

Awards

3025.0597 USDC - $3,025.06

External Links

Lines of code

https://github.com/code-423n4/2023-10-brahma/blob/main/contracts/src/core/SafeModeratorOverridable.sol#L16

Vulnerability details

Impact

Safes created outside the Brahma ecosystem should be able to integrate seamlessly into Brahma. Such a Safe calls WalletRegistry.registerWallet to register. After registration, the Safe becomes a consoleAccount and should be able to use the same functionality as every other consoleAccount.

However, Safes created with Safe contracts version 1.4.0 or later are not fully compatible with Brahma. This is because version 1.4.0 added IERC165 support to GuardManager.sol; this is the code added:

+ if (guard != address(0)) {
+ require(Guard(guard).supportsInterface(type(Guard).interfaceId), "GS300");
+ }

This means that every Safe created with Safe contract version 1.4.0 and up can only add guards that support the EIP-165 interface, as documented in the CHANGELOG.md.

Proof of Concept

Consider the following:

  • Alice has a Safe set up.
  • Alice wants to integrate her Safe into the Brahma ecosystem.
  • Alice calls WalletRegistry.registerWallet; this call succeeds.
  • Alice decides she wants to use the guard contract provided by the Brahma ecosystem, SafeModeratorOverridable.sol.
  • Alice calls GnosisSafe.setGuard(address(SafeModeratorOverridable)).
  • This will fail because of the new require statement in Safe contracts v1.4.0 and later:

function setGuard(address guard) external authorized {
    if (guard != address(0)) {
        require(Guard(guard).supportsInterface(type(Guard).interfaceId), "GS300");
    }
    // ... remainder of the function as in Safe v1.4.0 (omitted here)
}

because SafeModeratorOverridable.sol does not support the EIP-165 interface (it implements no supportsInterface function, so the call made by setGuard reverts):

source: contracts/src/core/SafeModeratorOverridable.sol

contract SafeModeratorOverridable is AddressProviderService, IGuard {

This means that every Safe created with version 1.4.0 or later cannot set the Brahma guard contract, which is a fundamental part of how ConsoleAccounts function.
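As an added illustration (not code from the Brahma repository or from Safe), the Solidity sketch below puts the shape of the bug beside the recommended fix: a guard with the two hooks but no supportsInterface, the same guard advertising the Guard and IERC165 interface ids, and a simplified setGuard performing the 1.4.0 check. The Guard interface is assumed to mirror safe-contracts 1.4.0, and Enum is a stand-in for Safe's library.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
// Added illustration, not Brahma's or Safe's code. `Guard` is modelled on
// Safe's Guard interface (assumption: same parameter list as safe-contracts 1.4.0).
interface IERC165 { function supportsInterface(bytes4 interfaceId) external view returns (bool); }
library Enum { enum Operation { Call, DelegateCall } }
interface Guard is IERC165 {
    function checkTransaction(
        address to, uint256 value, bytes memory data, Enum.Operation operation,
        uint256 safeTxGas, uint256 baseGas, uint256 gasPrice, address gasToken,
        address payable refundReceiver, bytes memory signatures, address msgSender
    ) external;
    function checkAfterExecution(bytes32 txHash, bool success) external;
}
// Shape of the reported bug: the two hooks exist but supportsInterface does not.
// Safe 1.3.0 never asked, so this guard could be set; Safe >= 1.4.0 calls
// supportsInterface, the call reverts (no such function, no fallback), and
// setGuard fails with "GS300".
contract LegacyGuard {
    function checkTransaction(
        address, uint256, bytes memory, Enum.Operation, uint256, uint256,
        uint256, address, address payable, bytes memory, address
    ) external {}
    function checkAfterExecution(bytes32, bool) external {}
}
// Fixed shape: advertise the Guard id (XOR of the two hook selectors; Solidity
// excludes inherited IERC165 from type(Guard).interfaceId) and IERC165 itself.
contract Erc165Guard is Guard {
    function supportsInterface(bytes4 id) external pure override returns (bool) {
        return id == type(Guard).interfaceId || id == type(IERC165).interfaceId;
    }
    function checkTransaction(
        address, uint256, bytes memory, Enum.Operation, uint256, uint256,
        uint256, address, address payable, bytes memory, address
    ) external override {}
    function checkAfterExecution(bytes32, bool) external override {}
}
// Simplified form of the 1.4.0 setGuard check quoted in the finding.
contract SafeLike {
    address internal guard;
    function setGuard(address newGuard) external {
        if (newGuard != address(0)) {
            require(Guard(newGuard).supportsInterface(type(Guard).interfaceId), "GS300");
        }
        guard = newGuard; // reached for Erc165Guard; LegacyGuard reverts above
    }
}
```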

Tools Used

Manual Review

Recommended Mitigation Steps

Add support for the EIP-165 interface, or update the Safe contracts used by Brahma from 1.3.0 to the most recent version.

Assessed type

Context

#0 - c4-pre-sort

2023-10-22T03:33:27Z

raymondfam marked the issue as sufficient quality report

#1 - c4-pre-sort

2023-10-22T03:33:36Z

raymondfam marked the issue as duplicate of #16

#2 - c4-judge

2023-10-27T15:16:09Z

alex-ppg changed the severity to 2 (Med Risk)

#3 - alex-ppg

2023-10-27T15:18:12Z

This appears to be a contender for "best" as it clearly pinpoints the flaw (i.e. Gnosis Safe instances created externally rather than via the code) as well as versions (i.e. >=1.4.0) the bug is applicable to.

#4 - c4-judge

2023-10-27T15:18:20Z

alex-ppg marked the issue as satisfactory

#5 - c4-judge

2023-10-27T15:24:17Z

alex-ppg marked the issue as selected for report

#6 - alex-ppg

2023-10-27T15:25:52Z

The Sponsor should have a look at my reply on #16 (original primary) as they need to confirm that they have understood the exhibit's ramifications fully.

#7 - c4-sponsor

2023-10-27T23:21:56Z

0xad1onchain (sponsor) confirmed

#8 - 0xad1onchain

2023-11-19T05:52:29Z

Fixed, added the recommended IERC165 support
