code-423n4 / 2022-05-opensea-seaport-findings


QA Report #131

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Memory Expansion Calculation is Incorrect

The code used to calculate memory expansion cost is inconsistent with equation 326 in the Ethereum Yellow Paper.

The code uses the following equation to calculate cost: cost += (returnDataSize-memorySize)/costPerWord + (returnDataSize**2 - memorySize**2)/memoryExpansionCoefficient

The equation should instead be cost += (returnDataSize-memorySize)/costPerWord + (returnDataSize - memorySize)**2/memoryExpansionCoefficient

This can cause the expansion cost to be overestimated and cause more generic errors to be reported instead of specific ones.

The affected lines are: https://github.com/code-423n4/2022-05-opensea-seaport/blob/4140473b1f85d0df602548ad260b1739ddd734a5/contracts/lib/TokenTransferrer.sol#L100-L121

https://github.com/code-423n4/2022-05-opensea-seaport/blob/4140473b1f85d0df602548ad260b1739ddd734a5/contracts/lib/TokenTransferrer.sol#L409-L424

https://github.com/code-423n4/2022-05-opensea-seaport/blob/4140473b1f85d0df602548ad260b1739ddd734a5/contracts/lib/LowLevelHelpers.sol#L66-L78

0xleastwood commented 2 years ago

While the warden's issue is mostly correct, the proposed fix is slightly incorrect. I think cost += (returnDataWords - msizeWords)*CostPerWord + (returnDataWords - msizeWords)**2 / MemoryExpansionCoefficient makes more sense. The issue really only affects how revert messages are bubbled up to the caller.
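The expressions quoted in this thread can be checked numerically against the Yellow Paper's memory cost function, C_mem(a) = G_memory * a + floor(a^2 / 512), where growing memory is charged C_mem(new) - C_mem(old). The following is an added example, not code from the Seaport repository or from either commenter. It assumes CostPerWord = 3 and MemoryExpansionCoefficient = 512, takes the linear term as words times CostPerWord (as in the reply), and uses constructed sizes.

```python
# Added example: compares the expansion-cost expressions quoted in this thread.
# Assumption: CostPerWord = 3 and MemoryExpansionCoefficient = 512, the Yellow
# Paper's G_memory and quadratic divisor. Byte sizes below are constructed.
COST_PER_WORD = 3
MEMORY_EXPANSION_COEFFICIENT = 512


def to_words(size_bytes: int) -> int:
    """Round a byte length up to whole 32-byte EVM words."""
    return (size_bytes + 31) // 32


def c_mem(words: int) -> int:
    """Yellow Paper memory cost: G_memory * a + floor(a**2 / 512)."""
    return COST_PER_WORD * words + words * words // MEMORY_EXPANSION_COEFFICIENT


def yellow_paper_expansion(old: int, new: int) -> int:
    """Gas charged when active memory grows from `old` to `new` words."""
    return c_mem(new) - c_mem(old) if new > old else 0


def difference_of_squares(old: int, new: int) -> int:
    """Quadratic term (new**2 - old**2) / coefficient, as the report quotes the code."""
    if new <= old:
        return 0
    linear = (new - old) * COST_PER_WORD
    return linear + (new * new - old * old) // MEMORY_EXPANSION_COEFFICIENT


def squared_difference(old: int, new: int) -> int:
    """Quadratic term (new - old)**2 / coefficient, as proposed in the thread."""
    if new <= old:
        return 0
    linear = (new - old) * COST_PER_WORD
    return linear + (new - old) ** 2 // MEMORY_EXPANSION_COEFFICIENT


def compare(old: int, new: int) -> tuple[int, int, int]:
    """Return (Yellow Paper, difference of squares, squared difference)."""
    return (yellow_paper_expansion(old, new),
            difference_of_squares(old, new),
            squared_difference(old, new))


if __name__ == "__main__":
    for old_b, new_b in [(320, 1024), (320, 3200), (32000, 64000)]:
        old, new = to_words(old_b), to_words(new_b)
        print(f"{old:>5} -> {new:<5} words: {compare(old, new)}")
```

Because each square is floored separately in C_mem, the difference-of-squares form can come out one gas below the Yellow Paper value (the 10 to 32 word case), while the squared-difference form diverges further as the starting memory size grows.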