Malicious proxy contracts may exploit function ID collision to invoke unintended proxy functions instead of delegating to implementation functions. Check for function ID collisions. (see here and here)
- Function ID Collision
- Proxy-based Contracts
- Data Proxy -> Logic Impl.
- Malicious Proxy -> Same
- Function ID -> Hijack Call
- Untrusted Proxy Function ID Collision