Ethereum Asked by Radeg90 on March 10, 2021
I read that if I am using proxy, there is a chance of function clashing. Let’s say in my contract there is a function with a signature:
proxyOwner()
025313a28d329398d78fa09178ac78e400c933630f1766058a2d7e26bb05d8ea
Now, as I understand correctly, a hacker can perform a loop on his computer and create a special function with signature:
clash550254402()
025313a2bba9fda619061d44004df81011846caa708c8d9abf09d256021e23ee
Both signatures are same: 025313a2
What exactly can a hacker do with this? He can call the function directly anyway. What kind of danger comes with function clash? If my function isn’t view, what unexpected can be happened?
In my contract in the proxy’s update proxy address I’m checking if sender exist in the registry contract as an allowed to make any changes. Still, do I need to implement zeppelin’s transparent proxy to prevent clashing? Why?
Suggest the following article could answer some of your questions: https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357
If you have questions about ZeppelinOS you can join us in the forum https://forum.zeppelin.solutions/
Answered by abcoathup on March 10, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP