Back to bshramin's contests

zkSync Era System Contracts contest - bshramin's results

Rely on math, not validators.

General Information

Platform: Code4rena

Start Date: 10/03/2023

Pot Size: $180,500 USDC

Total HM: 6

Participants: 19

Period: 9 days

Judge: GalloDaSballo

Total Solo HM: 2

Id: 221

League: ETH

zkSync

Findings Distribution

Researcher Performance

Rank: 18/19

Findings: 1

Award: $237.70

QA:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryzkSync

Findings Information

🌟 Selected for report: unforgiven

Also found by: 0xSmartContract, Dravee, HE1M, Madalad, brgltd, bshramin, gjaldon, joestakey, minaminao, rbserver, rvierdiiev, supernova

Labels

bug
grade-b
QA (Quality Assurance)
Q-10

Awards

237.7048 USDC - $237.70

External Links

Link to GitHub issue

Reduce nestedness and complexity

Reducing the nestedness and complexity of the code will make it easier to read and understand. In knownCodesStorage.sol, in function _markBytecodeAsPublished we can change the body of the function to the following:

if (getMarker(_bytecodeHash) != 0) {
    return;
}

_validateBytecode(_bytecodeHash);

if (_shouldSendToL1) {
    _sendBytecodeToL1(_bytecodeHash, _l1PreimageHash, _l1PreimageBytesLen);
}

// Save as known, to not resend the log to L1
assembly {
    sstore(_bytecodeHash, 1)
}

emit MarkedAsKnown(_bytecodeHash, _shouldSendToL1);

Use revert instead of return

In the fallback function of MsgValueSimulator, there is a condition that we know it should not happen but it's there for safety. However if this happens and user sends a amount more than MAX_MSG_VALUE the function will return and the user will not get any refund. We should use revert instead of return on line 55 or move the condition to the beginning of the function.

This is the condition:

if (value > MAX_MSG_VALUE) {
    // The if above should never be true, since noone should be able to have
    // MAX_MSG_VALUE wei of ether. However, if it does happen for some reason,
    // we will revert(0,0).
    // Note, that we use raw revert here instead of `panic` to emulate behaviour close to
    // the EVM's one, i.e. returndata should be empty.
    assembly {
        return(0, 0)
    }
}

Test function not removed from the code

In the file SystemContext.sol, the function unsafeOverrideBlock was meant only for testing purposes, but it was not removed from the code.

Mistakes in the comments

  • In knownCodesStorage.sol on line 14, the word words at the end of the line should be removed
  • In NonceHolder.sol on line 17, the word marked should be replaced with mark
  • In SystemContext.sol on line 36, the word will should be changed to set it to
  • In SystemContext.sol on line 64, The comment was copied from the above function and is not correct
  • In SystemContext.sol on line 71, the word when should be removed

#0 - GalloDaSballo

2023-03-31T09:44:13Z

Reduce nestedness and complexity R

Use revert instead of return L

Test function not removed from the code L

#1 - GalloDaSballo

2023-04-06T18:29:17Z

2L 1R

#2 - GalloDaSballo

2023-04-06T18:58:02Z

6 points bonus for short and sweet

#3 - c4-judge

2023-04-06T18:59:53Z

GalloDaSballo marked the issue as grade-b

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter