-
### No. 1
The critical parameters in `initialize(...)` are not set safely:
- `s.governor` should be set to `msg.sender`, because a wrong governor address will result in loss of access to all other p…
-
# Lines of code
https://github.com/code-423n4/2022-10-zksync/blob/4db6c596931a291b17a4e0e2929adf810a4a0eed/ethereum/contracts/zksync/facets/DiamondCut.sol#L46
https://github.com/code-423n4/2022-10-zk…
-
Hello, I'm testing the ERC20 permit feature with USDC and DAI on the zkSync Era testnet. However, a permit signature created with the token name will not work and returns the error `Invalid signature.…
-
# Lines of code
https://github.com/code-423n4/2023-10-zksync/blob/1fb4649b612fac7b4ee613df6f6b7d921ddd6b0d/code/system-contracts/contracts/ContractDeployer.sol#L322
# Vulnerability details
## Impa…
-
-
# [01] Missing address zero checks on setter/constructor functions
https://github.com/code-423n4/2022-10-zksync/blob/main/ethereum/contracts/zksync/facets/Governance.sol#L15
https://github.com/code…
-
Try to deploy this project
https://github.com/matter-labs/dapp-portal
- Need to do some modification to support sepolia testnet network
- Bridge contract needs to be updated to the latest ver…
-
## FINDINGS
NB: *Some functions have been truncated where neccessary to just show affected parts of the code*
Throught the report some places might be denoted with audit tags to show the actual place …
-
### Introduction
We are heading to implement a more generic and flexible account abstraction scheme. Accounts in U2U will be able to initiate transactions, like an EOA, but can also have arbitrary lo…
b1m0n updated
1 month ago
-
As more L2+s are launching, there are many more interesting and useful fields for analysts and chain consumers. A huge personal painpoint has been [trying to track](https://github.com/ethereum-optimis…