code-423n4 / 2024-03-pooltogether-findings


Potential Deployment and Functional Failure of The Contracts on L2s Due to Dencun Opcodes #287

Closed c4-bot-9 closed 6 months ago

c4-bot-9 commented 6 months ago

Lines of code

https://github.com/code-423n4/2024-03-pooltogether/blob/480d58b9e8611c13587f28811864aea138a0021a/pt-v5-vault/src/PrizeVault.sol#L1-L963

https://github.com/code-423n4/2024-03-pooltogether/blob/480d58b9e8611c13587f28811864aea138a0021a/pt-v5-vault/src/PrizeVaultFactory.sol#L1-L139

https://github.com/code-423n4/2024-03-pooltogether/blob/480d58b9e8611c13587f28811864aea138a0021a/pt-v5-vault/src/TwabERC20.sol#L1-L105

Vulnerability details

Impact

The PrizeVault.sol, PrizeVaultFactory.sol, and TwabERC20.sol contracts, designed to operate on Ethereum L2 solutions such as Optimism, Arbitrum, and Base, may encounter deployment and operational challenges if they utilize any of the new opcodes introduced in the . This upgrade includes several new opcodes that enhance Ethereum's functionality, such as those related to shard blob transactions (EIP-4844) and others.

If these L2 platforms have not yet integrated the Dencun upgrade, any attempt to deploy or interact with the PrizeVault.sol, PrizeVaultFactory.sol, and TwabERC20.sol contracts that rely on these new opcodes will likely fail. This is because the Ethereum Virtual Machine (EVM) on these L2s would not recognize or know how to execute the new instructions, leading to reverts or other unexpected behaviors.

Proof of Concept

Dencun Upgrade

Tools Used

Manual Review

Recommended Mitigation Steps

Compatibility Check: Confirm that Optimism, Arbitrum, and Base have implemented the Dencun upgrade.

Development Strategy: If any L2 hasn't updated, consider conditional logic in contracts or wait to deploy until the L2 is compatible.

Assessed type

Error
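An added example, not part of the original report or the PoolTogether code base: one way to perform the compatibility check is to scan a contract's compiled runtime bytecode for opcodes introduced by Cancun (the EVM half of Dencun) and for PUSH0 from Shanghai, skipping PUSH immediates and the metadata trailer solc appends. The sample bytecode strings are constructed for illustration, and the trailer detection is a heuristic assumption about solc output.

```python
# Opcodes that older EVM versions reject: opcode -> (name, fork that added it).
NEWER_OPCODES = {
    0x5F: ("PUSH0", "Shanghai"),      # EIP-3855, the earlier instance of this problem
    0x49: ("BLOBHASH", "Cancun"),     # EIP-4844
    0x4A: ("BLOBBASEFEE", "Cancun"),  # EIP-7516
    0x5C: ("TLOAD", "Cancun"),        # EIP-1153
    0x5D: ("TSTORE", "Cancun"),       # EIP-1153
    0x5E: ("MCOPY", "Cancun"),        # EIP-5656
}

def strip_solc_metadata(code: bytes) -> bytes:
    """Drop the CBOR metadata trailer appended by solc (heuristic).

    The last two bytes give the trailer length; the trailer itself must
    start with a CBOR map header (major type 5), otherwise nothing is cut.
    """
    if len(code) >= 2:
        meta_len = int.from_bytes(code[-2:], "big")
        start = len(code) - meta_len - 2
        if meta_len > 0 and start >= 0 and code[start] & 0xE0 == 0xA0:
            return code[:start]
    return code

def find_newer_opcodes(code: bytes, strip_metadata: bool = True):
    """Linear sweep returning (offset, name, fork) for each newer opcode."""
    if strip_metadata:
        code = strip_solc_metadata(code)
    hits, pc = [], 0
    while pc < len(code):
        op = code[pc]
        if op in NEWER_OPCODES:
            hits.append((pc, *NEWER_OPCODES[op]))
        # PUSH1..PUSH32 (0x60..0x7f) are followed by 1..32 bytes of data.
        pc += 1 + (op - 0x5F if 0x60 <= op <= 0x7F else 0)
    return hits

# Constructed samples (not taken from any deployed contract).
USES_MCOPY = bytes.fromhex("6020600060405e00")       # PUSH1 x3, MCOPY, STOP
PUSH_DATA_ONLY = bytes.fromhex("615c5d5000")         # PUSH2 0x5c5d, POP, STOP
WITH_TRAILER = bytes.fromhex("5f00a1615c185d0005")   # PUSH0, STOP + CBOR trailer

if __name__ == "__main__":
    for name, sample in [("mcopy", USES_MCOPY), ("push-data", PUSH_DATA_ONLY),
                         ("trailer", WITH_TRAILER)]:
        print(name, find_newer_opcodes(sample))
```

A hit means the build targeted an EVM version the destination chain may not execute; a linear sweep can still flag data embedded in code, so treat hits as a prompt to check the compiler's EVM version setting against what the target L2 supports.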

c4-pre-sort commented 6 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 6 months ago

raymondfam marked the issue as primary issue

raymondfam commented 6 months ago

They will eventually be resolved just like PUSH0 rectified by Paris over Shanghai.

hansfriese commented 6 months ago

QA is more appropriate.

c4-judge commented 6 months ago

hansfriese changed the severity to QA (Quality Assurance)

c4-judge commented 6 months ago

hansfriese marked the issue as grade-c