# Wallet Protocol Security Review # Findings ## malicious delegatecall **Severity**: High Context: [`Implementation.sol#L17`](https://github.com/spearbit-audits/writing-exercise/blob/de45a4c5b654710812e9fa29dde6e12526fe4786/contracts/Implementation.sol#L17) An attacker can deploy a malicious contract with a malicious function calling `selfdestruct(address)` inside, and then make a call of `delegatecallContract(address a, bytes calldata _calldata)` function in the `Implementation` contract passing the malicious contract address and ABI encoded malicious function as parameters so that the `delegatecallContract` calls the `selfdestruct(address)`. Since it's a `delegatecall`, the calling context is the `Implementation` contract, therefore the `selfdestruct(address)` will remove the code of the `Implementation` contract. Now any `Proxy` contract that points to the `Implementation` contract won't be able to do anything other than receiving ETH, so the funds in those `Proxy` contracts will be locked forever. **Recommendation**: Change the `Implmentation.sol` contract to be a *library* (replacing the keyword `contract` with `library`), and remove the `payable` modifiers from the 2 function declarations, as library cannot have `payable` functions.