Closed c4-bot-6 closed 2 months ago
saxenism (sponsor) disputed
Not enough info. Uni tokens has total supply less than 2^96 units. So we don’t see an issue
The Warden attempts to establish a vulnerability that may arise from utilizing EIP-20 tokens that do not support large transfers, however, there is inadequate elaboration on the submission itself and EIP-20-based submissions have a heavy burden-of-proof.
alex-ppg marked the issue as unsatisfactory: Insufficient proof
Lines of code
https://github.com/code-423n4/2024-03-zksync/blob/main/code/contracts/zksync/contracts/bridge/interfaces/IL1ERC20Bridge.sol#L67
Vulnerability details
Some IERC20 implementations (e.g UNI, COMP) may fail if the valued transferred is larger than uint96. Source
https://github.com/code-423n4/2024-03-zksync/blob/main/code/contracts/zksync/contracts/bridge/interfaces/IL1ERC20Bridge.sol#L67
Assessed type
ERC20