Closed israelboudoux closed 2 years ago
No actions were found necessary from the Mythril analysis. Details are provided under Action Taken
in the following:
Tests using Mythril. Issues were found only in State.sol and Proposers.sol contratcts, here is the report:
withdrawBond()
A control flow decision is made based on The block.timestamp environment variable. The block.timestamp environment variable is used to determine a control flow decision. Note that the values of variables like coinbase, gaslimit, block number and timestamp are predictable and can be manipulated by a malicious miner. Also keep in mind that attackers know hashes of earlier blocks. Don't use any of those environment variables as sources of randomness and be aware that use of these variables introduces a certain level of trust into miners. In file: Proposers.sol:101
require(
bond.time + COOLING_OFF_PERIOD < block.timestamp,
'It is too soon to withdraw your bond'
)
NO-ACTION: The timestamp can be changed by a miner by ~15 seconds. This does not affect the integrity of a bond withdrawal.
Account: [CREATOR], balance: 0x410c0400000883, nonce:0, storage:{} Account: [ATTACKER], balance: 0x0, nonce:0, storage:{}
Caller: [CREATOR], calldata: , value: 0x0 Caller: [SOMEGUY], function: withdrawBond(), txdata: 0x66eb9cec, value: 0x0
changeCurrentProposer()
A control flow decision is made based on The block.number environment variable. The block.number environment variable is used to determine a control flow decision. Note that the values of variables like coinbase, gaslimit, block number and timestamp are predictable and can be manipulated by a malicious miner. Also keep in mind that attackers know hashes of earlier blocks. Don't use any of those environment variables as sources of randomness and be aware that use of these variables introduces a certain level of trust into miners. In file: Proposers.sol:27
require(
block.number - state.getProposerStartBlock() > ROTATE_PROPOSER_BLOCKS,
"It's too soon to rotate the proposer"
)
NO-ACTION: A malicious miner could change the time at which the block appears slightly (as measured by the block timestamp) and this may affect (within ~15s), the apparent time at which a block appears but that has no affect on the integrity of the proposer rotation.
Account: [CREATOR], balance: 0x20d9fbd, nonce:0, storage:{} Account: [ATTACKER], balance: 0x0, nonce:0, storage:{}
Caller: [CREATOR], calldata: , value: 0x0 Caller: [SOMEGUY], function: changeCurrentProposer(), txdata: 0x77603f4a, value: 0x0
changeCurrentProposer()
A control flow decision is made based on The block.number environment variable. The block.number environment variable is used to determine a control flow decision. Note that the values of variables like coinbase, gaslimit, block number and timestamp are predictable and can be manipulated by a malicious miner. Also keep in mind that attackers know hashes of earlier blocks. Don't use any of those environment variables as sources of randomness and be aware that use of these variables introduces a certain level of trust into miners. In file: #utility.yul:613
th_t_array$_t_uint64_$2_memory_ptr(va
NO-ACTION: Unclear which code is being referred to here but it seems to be a re-statement of the previous concern.
Account: [CREATOR], balance: 0x1, nonce:0, storage:{} Account: [ATTACKER], balance: 0x0, nonce:0, storage:{}
Caller: [CREATOR], calldata: , value: 0x0 Caller: [ATTACKER], function: changeCurrentProposer(), txdata: 0x77603f4a, value: 0x0
withdraw()
A call to a user-supplied address is executed. An external message call to an address specified by the caller is executed. Note that the callee account might contain arbitrary code and could re-enter any function within this contract. Reentering the contract in an intermediate state may lead to unexpected behaviour. Make sure that no state modifications are executed after this call and/or reentrancy guards are in place. In file: State.sol:233
payable(msg.sender).call{value: amount}('')
NO-ACTION: This function uses a reentrancy guard.
Account: [CREATOR], balance: 0x1000400016dd5, nonce:0, storage:{} Account: [ATTACKER], balance: 0x21080490920482001, nonce:0, storage:{}
Caller: [CREATOR], calldata: , value: 0x0 Caller: [ATTACKER], function: withdraw(), txdata: 0x3ccfd60b, value: 0x0
withdraw()
Write to persistent state following external call The contract account state is accessed after an external call to a user defined address. To prevent reentrancy issues, consider accessing the state only before the call, especially if the callee is untrusted. Alternatively, a reentrancy lock can be used to prevent untrusted callees from re-entering the contract in an intermediate state. In file: @openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol:66
_status = _NOT_ENTERED
NO-ACTION: This is an Openzeppelin contract. We accept these as correct.
Account: [CREATOR], balance: 0x41000000013d9d, nonce:0, storage:{} Account: [ATTACKER], balance: 0x11080092424488001, nonce:0, storage:{}
Caller: [CREATOR], calldata: , value: 0x0 Caller: [ATTACKER], function: withdraw(), txdata: 0x3ccfd60b, value: 0x0
No actions were found necessary following the Slither analysis. The NO-ACTIONS
headers below the summary explain why:
This was another Static Test run using Slither. The command used was
slither . --exclude msg-value-loop,delegatecall-loop --checklist --markdown-root https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/ > slither-nightfall-results.MD
which generates a file with the name slither-nightfall-results.MD
containing the content of the analyze. I had to exclude some the detectors
msg-value-loop and delegatecall-loop, because the tool was failing during the analyze.
There should be some false positives, like the three ones with Severity = HIGH. Most of the warnings are "Informational", but there are some with LOW (25) and MEDIUM (28) severity.
Please, ignore the ones related to OpenZeppelin. The tool doesn't have an option to ignore warnings in libraries.
Summary
Impact: High Confidence: High
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/State.sol#L28
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L16
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L17
Impact: Medium Confidence: High
Impact: Medium Confidence: Medium
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Utils.sol#L70
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Utils.sol#L92
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Utils.sol#L61
Impact: Medium Confidence: Medium
Impact: Low Confidence: High
Impact: Low Confidence: Medium
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L56
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/State.sol#L42
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/State.sol#L44
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L46
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L31
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/State.sol#L43
Impact: Low Confidence: High
Impact: Low Confidence: High
Impact: Low Confidence: Medium
Impact: Low Confidence: Medium
Impact: Informational Confidence: High
Impact: Informational Confidence: High
Impact: Informational Confidence: High
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/State.sol#L12
Impact: Informational Confidence: Medium
Impact: Informational Confidence: High
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L3
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Pausable.sol#L6
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/State.sol#L12
[ ] ID-92 solc-0.8.3 is not recommended for deployment
[ ] ID-93 Pragma version^0.8.0 allows old versions
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L4
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Poseidon.sol#L5
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Ownable.sol#L3
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Shield.sol#L14
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Utils.sol#L3
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Stateful.sol#L9
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Pairing.sol#L3
Impact: Informational Confidence: High
Impact: Informational Confidence: High
Impact: Informational Confidence: High
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L64
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L84
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/State.sol#L44
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L33
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/State.sol#L42
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L33
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L93
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L21
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L64
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L77
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L21
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L64
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Ownable.sol#L20
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/State.sol#L43
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L33
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L33
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L77
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L56
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/MiMC.sol#L64
Impact: Informational Confidence: Medium
Impact: Informational Confidence: Medium
Impact: Informational Confidence: High
Impact: Informational Confidence: High
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Utils.sol#L9
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L11
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L9
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L14
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L9
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L11
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L12
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L13
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L10
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L9
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L14
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L18
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L10
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L13
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L11
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L19
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L14
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L12
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L14
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/Config.sol#L13
Impact: Optimization Confidence: High
https://github.com/EYBlockchain/nightfall_3/blob/master/nightfall-deployer/contracts/State.sol#L29
Impact: Optimization Confidence: High
Please, refer to the ticket #6 to see the list of issues detected in our Smart Contracts.