đź“„

Report #38420

Report Date
January 2, 2025
Status
Closed
Payout

Short-Calldata Zero-Padding Vulnerability in Diamond Proxy Allows Unexpected Fallback Execution

‣
Report Info

BIC Response

The situation you describe requires (1) a malicious fallback function to be introduced to the contracts and (2) an end user to unwittingly interact with said malicious function. These observations are not relevant to our bug bounty program and thus we are closing the report.