Bumping this: can the wrapper interface (0x019a38fe) be set on the Goerli .eth-resolver? This is very useful for auto-discovery, unless there is a better method than: ENS Registry (hardcode) → resolve("eth") → interfaceImplementer("0x019a38fe").
Also, could the Price Oracle get defined as an interface too? I’m currently plucking it out of slot 2 from the .ethcontroller via interfaceImplementer(“0x018fac06”).
I recently discovered a new bug in the NameWrapper, that has a particularly tricky way in which it can be exploited.
The bug was classified as a “Note” with a small bounty paid out, because it doesn’t risk any funds, or affect the ownership of any names, but it may have some consequences for anyone who depends on the isWrapped function.
The attacker can:
register and wrap a 2LD .eth name
let the name expire
register (and not wrap) the name again
set the owner in the registrar to the NameWrapper contact address, (keeping the controller as the attacker’s address)
A bug in the NameWrapper isWrapped function means it will now return true instead of false(!)
and the attacker has full control over the name as the owner of the controller
and if the attacker wants to sell, or “unwrap” the name, all she has to do is change the address of the controller to the NameWrapper, and call the renew() function. This will basically rewrap the name for the hacker, which is also technically a another bug because the event,