Gravita-Protocol / Gravita-SmartContracts

GNU General Public License v3.0

[AMT-01M] Incorrect Specification of Gap #375

Closed 0xfornax closed 1 year ago

0xfornax commented 1 year ago

AMT-01M: Incorrect Specification of Gap

| Type | Severity | Location |
| --- | --- | --- |
| Standard Conformity | | AddressesMainnet.sol:L29 |

Description:

The referenced __gap variable is meant to indicate an OpenZeppelin-like variable that reserves a gap during compilation for future upgrades of the contract that may wish to utilize storage slots.

The methodology by which it is calculated is non-standard within the Gravita Protocol repository.

Impact:

While proper upgrades would not result in an error, the non-standard way to calculate the array's size currently employed can lead to significant data corruption if the length is improperly updated in a consequent logic update.

Example:

uint256[40] private __gap;

Recommendation:

We advise the length of the array to be calculated by subtracting the total number of storage slots reserved by the contract currently from the value of 50.

In the current instance, this would yield us 50 as the contract does not reserve any storage slots (constant values are located in bytecode, not in the contract's storage space).

0xfornax commented 1 year ago

Acknowledged. The original Gravita mainnet deployment used a gap size of 40, reserving a space on the layout a bit smaller than the OpenZeppelin default.
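
The sizing rule from the recommendation (used slots plus gap length equals 50) can be checked mechanically. The following is an added example, not code from the Gravita repository or the audit: it reads a layout shaped like solc's `storageLayout` output and reports used slots, actual gap length and the gap length the rule expects. The sample layouts and the variable names `keeper`, `paused` and `cap` are constructed; `reserved=40` models the deployed layout mentioned in the acknowledgement.

```python
# Added example: audits the "used slots + __gap length == reserved" convention
# on a layout shaped like solc's storageLayout output. All samples are constructed.
RESERVED_SLOTS = 50  # total named in the recommendation


def occupied_slots(entry, types):
    """Slot indexes one storage entry touches (covers packing and static arrays)."""
    size = int(types[entry["type"]]["numberOfBytes"])
    first = int(entry["slot"])
    return set(range(first, first + (entry["offset"] + size + 31) // 32))


def audit_gap(layout, reserved=RESERVED_SLOTS, gap_label="__gap"):
    """Return (used_slots, gap_len, expected_gap_len) for one contract's variables."""
    used, gap = set(), set()
    for entry in layout["storage"]:
        slots = occupied_slots(entry, layout["types"])
        (gap if entry["label"] == gap_label else used).update(slots)
    return len(used), len(gap), reserved - len(used)


def var(label, slot, offset, type_id):
    """Build one storage entry; solc emits the slot as a decimal string."""
    return {"label": label, "slot": str(slot), "offset": offset, "type": type_id}


TYPES = {
    "t_address": {"numberOfBytes": "20"},
    "t_bool": {"numberOfBytes": "1"},
    "t_uint256": {"numberOfBytes": "32"},
    "t_array(t_uint256)40_storage": {"numberOfBytes": "1280"},
}
GAP40 = "t_array(t_uint256)40_storage"

# Constants only, as in the finding: constants live in bytecode, so the
# storage layout contains nothing but the gap.
DEPLOYED = {"types": TYPES, "storage": [var("__gap", 0, 0, GAP40)]}

# Hypothetical upgrade that adds state but leaves the gap length unchanged.
STALE = {"types": TYPES, "storage": [
    var("keeper", 0, 0, "t_address"),   # slot 0, bytes 0..19
    var("paused", 0, 20, "t_bool"),     # packed into slot 0
    var("cap", 1, 0, "t_uint256"),      # slot 1
    var("__gap", 2, 0, GAP40),
]}

if __name__ == "__main__":
    for name, layout in (("deployed", DEPLOYED), ("stale", STALE)):
        for reserved in (50, 40):
            print(name, reserved, audit_gap(layout, reserved))
```

A mismatch between the second and third values of the returned tuple means the gap no longer matches the chosen total.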