Two users sent a total of 16 ETH to address X on Base instead of Ethereum mainnet.
On Base, address X is an EOA.
On Ethereum mainnet, address X is a Sales contract with a withdraw ETH function.
Initially, it was possible to rescue the funds on Base -- one just need to redeploy the Sales contract with the same deployer at nonce 0.
Unfortunately, the Foundry script was not configured for Base. Upon running it, it deployed a mock on nonce 0 instead of the desired Sales contract. The mock lacked the withdraw function, so the funds are stucked forever.
Incident B
A user thought that the DN404 Mirror will automatically reroll NFTs if they send the ERC20s to it. Unfortunately, the DN404 Mirror does not have a withdraw ERC20 / ERC721 function. The tokens are stuck there forever.
Rationale
We shall simply avoid withdrawing in the constructor. Cuz we have no surefire way to determine if a factory is safe to receive ETH. A factory may implement the receive function, but does not provide a withdraw function (e.g. Nick's factory).
This code is optimized for bytecode compactness over runtime performance. Cuz it is very unlikely that the rescue functions will actually be called.
The deployer is only authorized to call the rescue functions if it is an EOA. A non EOA may be a factory with permissionless functions that may allow others to rekt the contract.
Checklist
Ensure you completed all of the steps below before submitting your pull request:
[x] Ran forge fmt?
[x] Ran forge snapshot?
[x] Ran forge test?
Pull requests with an incomplete checklist will be thrown out.
Description
Motivation
Incident A
Two users sent a total of 16 ETH to address X on Base instead of Ethereum mainnet. On Base, address X is an EOA. On Ethereum mainnet, address X is a Sales contract with a withdraw ETH function.
Initially, it was possible to rescue the funds on Base -- one just need to redeploy the Sales contract with the same deployer at nonce 0.
Unfortunately, the Foundry script was not configured for Base. Upon running it, it deployed a mock on nonce 0 instead of the desired Sales contract. The mock lacked the withdraw function, so the funds are stucked forever.
Incident B
A user thought that the DN404 Mirror will automatically reroll NFTs if they send the ERC20s to it. Unfortunately, the DN404 Mirror does not have a withdraw ERC20 / ERC721 function. The tokens are stuck there forever.
Rationale
We shall simply avoid withdrawing in the constructor. Cuz we have no surefire way to determine if a factory is safe to receive ETH. A factory may implement the receive function, but does not provide a withdraw function (e.g. Nick's factory).
This code is optimized for bytecode compactness over runtime performance. Cuz it is very unlikely that the rescue functions will actually be called.
The deployer is only authorized to call the rescue functions if it is an EOA. A non EOA may be a factory with permissionless functions that may allow others to rekt the contract.
Checklist
Ensure you completed all of the steps below before submitting your pull request:
forge fmt?forge snapshot?forge test?Pull requests with an incomplete checklist will be thrown out.