search

code-423n4 / 2022-12-escher-findings

0 stars 0 forks source link

Selfdestruct may be phased out, shouldn't be used for transfers #92

Open code423n4 opened 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2022-12-escher/blob/5d8be6aa0e8634fdb2f328b99076b0d05fefab73/src/minters/OpenEdition.sol#L122 https://github.com/code-423n4/2022-12-escher/blob/5d8be6aa0e8634fdb2f328b99076b0d05fefab73/src/minters/FixedPrice.sol#L110

Vulnerability details

Impact

The selfdestruct opcode may be phased out. This possibility is discussed in EIP4760 (written by Vitalik and Dankrad).

This opcode is used to send Eth to the saleReceiver, which risks changes to the network invalidating the immutable implementation contracts deployed by Escher.

Proof of Concept

The _end() function in both OpenEdition.sol and FixedPrice.sol both use selfdestruct() to send their remaining funds to the saleReceiver.

Tools Used

Manual Review

Recommended Mitigation Steps

Use a low level call to transfer funds to the saleReceiver instead of self destructing.

berndartmueller commented 1 year ago

Downgrading to QA (Low). See https://github.com/code-423n4/2022-12-escher-findings/issues/506#issuecomment-1345621194

c4-judge commented 1 year ago

berndartmueller changed the severity to QA (Quality Assurance)

c4-judge commented 1 year ago

berndartmueller marked the issue as grade-b