Platform: Code4rena
Start Date: 02/10/2023
Pot Size: $1,100,000 USDC
Total HM: 28
Participants: 64
Period: 21 days
Judge: GalloDaSballo
Total Solo HM: 13
Id: 292
League: ETH
Rank: 40/64
Findings: 1
Award: $656.33
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: zero-idea
Also found by: 0x1337, 0xTheC0der, 0xstochasticparrot, Audittens, HE1M, Jeiwan, erebus, gumgumzum, leviticus1129, lsaudit, quarkslab, rvierdiiev
656.3255 USDC - $656.33
https://github.com/code-423n4/2023-10-zksync/blob/1fb4649b612fac7b4ee613df6f6b7d921ddd6b0d/code/system-contracts/contracts/Constants.sol#L25-L35 https://github.com/code-423n4/2023-10-zksync/blob/1fb4649b612fac7b4ee613df6f6b7d921ddd6b0d/code/system-contracts/contracts/AccountCodeStorage.sol#L86-L112 https://github.com/code-423n4/2023-10-zksync/blob/1fb4649b612fac7b4ee613df6f6b7d921ddd6b0d/code/system-contracts/contracts/AccountCodeStorage.sol#L114-L138
The CURRENT_MAX_PRECOMPILE_ADDRESS equals address(0x02), but ECMUL_SYSTEM_CONTRACT = address(0x07) and should be used as the CURRENT_MAX_PRECOMPILE_ADDRESS instead.
Both the getCodeHash() and getCodeSize() functions in the AccountCodeStorage contract uses CURRENT_MAX_PRECOMPILE_ADDRESS, and an incorrect value causes these functions to deviate from the intended behavior which is to simulate the extcodehash and extcodesize EVM opcodes.
Both ECADD_SYSTEM_CONTRACT and ECMUL_SYSTEM_CONTRACT have higher value than CURRENT_MAX_PRECOMPILE_ADDRESS
When an incorrect CURRENT_MAX_PRECOMPILE_ADDRESS is used, the getCodeHash() and getCodeSize() functions return incorrect result for certain precompile addresses.
Manual Review
Update CURRENT_MAX_PRECOMPILE_ADDRESS to equal uint256(uint160(ECMUL_SYSTEM_CONTRACT)) instead
Error
#0 - c4-pre-sort
2023-10-31T06:51:16Z
bytes032 marked the issue as duplicate of #142
#1 - c4-judge
2023-11-23T19:31:06Z
GalloDaSballo marked the issue as satisfactory