QA Report - Githubissues

code423n4 commented 1 year ago

See the markdown file with the details of this report here.

miladpiri commented 1 year ago

L03 and R02 are interesting.

GalloDaSballo commented 1 year ago

[L-01] `isEthToken` should return false when `_addr == 0`

L

[L-02] Disallow sending ETH to System Contracts

L

[L-03] `SystemContractHelper.getZkSyncMeta` does not include heapSize and auxHeapSize

R

[N-01] More detail in `L2EthToken.mint` natspec

NC

[N-02] Mention `L2EthToken.transferFromTo` does not trigger callbacks in docs

R

[N-03] No documentation for how ZkSyncMeta is packed

NC

[N-04] Incomplete NatSpec Comments

NC

[N-05] Missing NatSpec Comments

See N-04

[R-01] `L2EthToken.withdraw` can accept `amount` instead of `msg.value`

R

[R-02] `NonceHolder.incrementDeploymentNonce` has redundant access control check

R

[R-03] `ContractDeployer.updateNonceOrdering` can only change to Arbitrary

R

GalloDaSballo commented 1 year ago

1L from dups

2L 5R 3NC

3L 5R 3NC

c4-judge commented 1 year ago

GalloDaSballo marked the issue as grade-a

code-423n4 / 2023-03-zksync-findings

QA Report #194

[L-01] `isEthToken` should return false when `_addr == 0`

[L-02] Disallow sending ETH to System Contracts

[L-03] `SystemContractHelper.getZkSyncMeta` does not include heapSize and auxHeapSize

[N-01] More detail in `L2EthToken.mint` natspec

[N-02] Mention `L2EthToken.transferFromTo` does not trigger callbacks in docs

[N-03] No documentation for how ZkSyncMeta is packed

[N-04] Incomplete NatSpec Comments

[N-05] Missing NatSpec Comments

[R-01] `L2EthToken.withdraw` can accept `amount` instead of `msg.value`

[R-02] `NonceHolder.incrementDeploymentNonce` has redundant access control check

[R-03] `ContractDeployer.updateNonceOrdering` can only change to Arbitrary

code-423n4 / 2023-03-zksync-findings

QA Report #194

[L-01] isEthToken should return false when _addr == 0

[L-02] Disallow sending ETH to System Contracts

[L-03] SystemContractHelper.getZkSyncMeta does not include heapSize and auxHeapSize

[N-01] More detail in L2EthToken.mint natspec

[N-02] Mention L2EthToken.transferFromTo does not trigger callbacks in docs

[N-03] No documentation for how ZkSyncMeta is packed

[N-04] Incomplete NatSpec Comments

[N-05] Missing NatSpec Comments

[R-01] L2EthToken.withdraw can accept amount instead of msg.value

[R-02] NonceHolder.incrementDeploymentNonce has redundant access control check

[R-03] ContractDeployer.updateNonceOrdering can only change to Arbitrary

[L-01] `isEthToken` should return false when `_addr == 0`

[L-03] `SystemContractHelper.getZkSyncMeta` does not include heapSize and auxHeapSize

[N-01] More detail in `L2EthToken.mint` natspec

[N-02] Mention `L2EthToken.transferFromTo` does not trigger callbacks in docs

[R-01] `L2EthToken.withdraw` can accept `amount` instead of `msg.value`

[R-02] `NonceHolder.incrementDeploymentNonce` has redundant access control check

[R-03] `ContractDeployer.updateNonceOrdering` can only change to Arbitrary