# Attackathon \_ Fuel Network 32730 - \[Smart Contract - Low] The Sway compiler currently disallows read Submitted on Mon Jul 01 2024 01:21:53 GMT-0400 (Atlantic Standard Time) by @rbz for [Attackathon | Fuel Network](https://immunefi.com/bounty/fuel-network-attackathon/) Report ID: #32730 Report type: Smart Contract Report severity: Low Target: Impacts: * Griefing (e.g. no profit motive for an attacker, but damage to the users or the protocol) * If contract A interacts with contract B and the interaction fails, causing contract B to revert, contract A may also revert as a consequence; ## Description ## Brief/Intro The Sway compiler's current state Reverts any transaction that performs read access to storage if the call is made within the `fallback` function. ## Vulnerability Details I adapted an existing collection of tests targetting `fallback` functionality (can found at and ) to demonstrate an issue with the way compiler handles storage access in `fallback` function. While the compiler documentation suggests READ access to storage should be possible within fallback functions (since it's a common characteristic of any Sway function), the current state of the compiler prevents this. This difference between the documentation and the codebase's actual behavior raises doubts about whether fallback functions work as intended. However, WRITE operations to storage within fallback functions are working as expected, indicating a potential inconsistency in how storage interactions are handled. ## Impact Details * A malicious contract with a faulty fallback function could be deployed, deliberately hiding crucial storage access features within it. This could trick less technical users into thinking the contract is legitimate because it compiles successfully. This can potentially to griefing; * If contract A interacts with contract B and the interaction fails, causing contract B to revert, contract A may also revert as a consequence; ## References ## Proof of concept Please see following gists: