Lines of code
https://github.com/code-423n4/2024-03-zksync/blob/main/code/contracts/ethereum/contracts/state-transition/chain-deps/facets/Admin.sol#L45-L64
Vulnerability details
Proof of Concept
There are several settings that can be set by StateTransitionManager in the admin facet for the chain. All of those functions use the onlyStateTransitionManager modifier. But StateTransitionManager itself doesn't have any means to call those functions and thus change the configuration. While all settings are set during the initial upgrade of the proxy, StateTransitionManager can't change those values for existing chains, and the invariant is broken.
Impact
StateTransitionManager can't change some settings for the chain.
Tools Used
VsCode
Recommended Mitigation Steps
Implement those functions.
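The pattern behind this finding and its fix, as an added sketch that is not code from the audited repository: a setter guarded by onlyStateTransitionManager is unreachable unless the manager contract exposes a function that forwards the call. The contract names, the setGasLimit setter, the governor role and the chain registry are hypothetical stand-ins.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical stand-in for a chain's admin facet.
contract ChainAdminFacet {
    address public immutable stateTransitionManager;
    uint256 public gasLimit; // hypothetical setting

    constructor(address _stm, uint256 _initialLimit) {
        stateTransitionManager = _stm;
        gasLimit = _initialLimit; // the only write if the manager has no forwarder
    }

    modifier onlyStateTransitionManager() {
        require(msg.sender == stateTransitionManager, "not STM");
        _;
    }

    // Callable only when msg.sender is the manager contract itself.
    function setGasLimit(uint256 _newLimit) external onlyStateTransitionManager {
        gasLimit = _newLimit;
    }
}

// Before: the manager has no function that calls setGasLimit, and a contract
// can only make the calls its code contains, so the setter is dead code.
contract ManagerWithoutForwarder {
    address public immutable governor;
    constructor(address _governor) { governor = _governor; }
}

// After: a forwarding function makes the guarded setter reachable.
contract ManagerWithForwarder {
    address public immutable governor;               // assumed privileged role
    mapping(uint256 => address) public chainAddress; // assumed registry: chainId => facet

    constructor(address _governor) { governor = _governor; }

    function registerChain(uint256 _chainId, address _chain) external {
        require(msg.sender == governor, "not governor");
        chainAddress[_chainId] = _chain;
    }

    function setGasLimit(uint256 _chainId, uint256 _newLimit) external {
        require(msg.sender == governor, "not governor");
        address chain = chainAddress[_chainId];
        require(chain != address(0), "unknown chain");
        ChainAdminFacet(chain).setGasLimit(_newLimit); // msg.sender at the facet is this contract
    }
}
```

When reviewing a design like this, list every function behind the manager-only modifier and confirm that each has a corresponding caller in the manager contract.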
Assessed type
Error