Radiant Neon Osprey
Medium
Hats contract allows to add an exist Safe Wallet. However, older versions of Safe (e.g., v1.2) do not support the Safe Guards feature, which leads to the Safe Wallet becoming non-functional. This issue can prevent critical operations dependent on the Safe Wallet. The lack of a compatibility check during the setUp process is a major oversight.
https://github.com/sherlock-audit/2024-11-hats-protocol/blob/main/hats-zodiac/src/HatsSignerGate.sol#L160-L199
From above setUp function we can see there is lack of checking the version of the safe wallet.
Hats allows owner add an exist safe wallet instead of create a new safe wallet.
// deploy a new safe if there is no provided safe
if (params.safe == address(0)) {
params.safe = SafeManagerLib.deploySafeAndAttachHSG(
SAFE_PROXY_FACTORY, SAFE_SINGLETON, SAFE_FALLBACK_LIBRARY, SAFE_MULTISEND_LIBRARY
);
}According to safe docs: https://docs.safe.global/advanced/smart-account-guards
Safe Guards are introduced with Safe contracts version 1.3.0.
Hats contract allows owner to add safe guards: https://github.com/sherlock-audit/2024-11-hats-protocol/blob/main/hats-zodiac/src/HatsSignerGate.sol#L910-L914
function setGuard(address _guard) public {
_checkUnlocked();
_checkOwner();
_setGuard(_guard);
}No response
- use an exist safe wallet
No response
1.prevent critical operations dependent on the Safe Wallet
// deploy a new safe if there is no provided safe
if (params.safe == address(0)) {
params.safe = SafeManagerLib.deploySafeAndAttachHSG(
SAFE_PROXY_FACTORY, SAFE_SINGLETON, SAFE_FALLBACK_LIBRARY, SAFE_MULTISEND_LIBRARY
);
}Check current safe version during setUp