Closed code423n4 closed 1 year ago
It is the byte that is responsible for the isConstructing.
miladpiri marked the issue as sponsor disputed
Suggested code doesn't compile
Additionally, the whole byte is picked _bytecodeHash[1] and checked against 0x01 meaning it must be exactly the 0x01 value, which invalidates the finding
GalloDaSballo marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-03-zksync/blob/21d9a364a4a75adfa6f1e038232d8c0f39858a64/contracts/libraries/Utils.sol#L49-L52
Vulnerability details
Impact
Detailed description of the impact of this finding.
isContractConstructing() might return wrong result
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
isContractConstructing() is testing the equality of a whole byte not testing just the constructor bit. As a result, it might return the wrong result. In particular, if the constructor bit is set, and some other bits are also set, then isContractConstructing() will return a false negative.
Wrong implementation:
For example, suppose _bytecodeHash[1] == 0x11, isContractConstructing() is supposed to return true, but it will return false instead due to its testing of equality of the whole byte not just the bit.
Tools Used
VScode
Recommended Mitigation Steps
Correction:
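The two readings argued in this thread, side by side, as an added example: this is not the report's suggested code and not code from the zkSync repository. The contract name and every function name are hypothetical; only the byte index 1 and the values 0x01 and 0x11 come from the page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Added illustration (hypothetical names); not part of the audited code base.
contract ConstructingMarkerDemo {
    /// Whole-byte reading (the sponsor's and judge's position): byte 1 is the
    /// marker and must be exactly 0x01. Any other value is rejected.
    function byteEquals(bytes32 h) public pure returns (bool) {
        return h[1] == 0x01;
    }

    /// Single-bit reading (the report's position): only the lowest bit of
    /// byte 1 is the marker, the other seven bits are ignored.
    function bitSet(bytes32 h) public pure returns (bool) {
        return (uint8(h[1]) & 0x01) != 0;
    }

    /// Constructed sample input: a hash whose byte 1 is `marker`, all else zero.
    /// Index 0 of a bytes32 is the most significant byte, so byte 1 occupies
    /// bits 240..247.
    function withMarker(uint8 marker) public pure returns (bytes32) {
        return bytes32(uint256(marker) << 240);
    }

    /// The report's example value 0x11: byteEquals is false, bitSet is true.
    function reportExample() public pure returns (bool whole, bool bit) {
        bytes32 h = withMarker(0x11);
        return (byteEquals(h), bitSet(h));
    }

    /// Number of marker values on which the two readings disagree.
    /// They agree on every even value and on 0x01, and disagree on the other
    /// 127 odd values (0x03, 0x05, ..., 0xff).
    function countDisagreements() public pure returns (uint256 n) {
        for (uint256 m = 0; m < 256; m++) {
            bytes32 h = withMarker(uint8(m));
            if (byteEquals(h) != bitSet(h)) {
                n++;
            }
        }
    }
}
```

Which predicate is right depends on how the marker is written: if the whole byte is the flag, as the sponsor states, the equality check is the stricter one and rejects all 127 malformed values instead of accepting them.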