aligned_layer icon indicating copy to clipboard operation
aligned_layer copied to clipboard
Published 1 month ago verified publisher icon yetanotherco

fix(contracts): AlignedLayerServiceManager initialization could frontrun

Open PatStiles opened this issue 1 year ago • 0 comments

Overview:

AlignedLayerServiceManager contract initialize step can be frontrun in some cases.

Detailed Behavior:

The AlignedLayerServiceManager contract does not implement a way to prevent frontrunning during the initialization step.

But since the deployer script use a ProxyAdmin with an upgradeAndCall to initialize the contract, the frontrunning is not possible in this case.

Mitigation:

Implementing access control checks in the AlignedLayerServiceManager contract to prevent frontrunning during the initialization step in case the contract is behind another type of proxy.

PatStiles avatar Sep 19 '24 15:09 PatStiles