search

code-423n4 / 2022-01-livepeer-findings

0 stars 0 forks source link

Assigned operations to constant variables #220

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

pauliax

Vulnerability details

Impact

Assigned operations to constant variables are re-evaluated every time:

  bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");
  bytes32 public constant BURNER_ROLE = keccak256("BURNER_ROLE");

  bytes32 public constant GOVERNOR_ROLE = keccak256("GOVERNOR_ROLE");

  bytes32 private constant MIGRATE_DELEGATOR_TYPE_HASH =
    keccak256("MigrateDelegator(address l1Addr,address l2Addr)");

  bytes32 private constant MIGRATE_UNBONDING_LOCKS_TYPE_HASH =
    keccak256(
      "MigrateUnbondingLocks(address l1Addr,address l2Addr,uint256[] unbondingLockIds)"
    );

  bytes32 private constant MIGRATE_SENDER_TYPE_HASH =
    keccak256("MigrateSender(address l1Addr,address l2Addr)");

See https://github.com/ethereum/solidity/issues/9232

Recommended Mitigation Steps

Change from 'constant' to 'immutable'.

yondonfu commented 2 years ago

Duplicate of https://github.com/code-423n4/2022-01-livepeer-findings/issues/172