code-423n4 / 2024-03-zksync-findings


Insufficient randomness in create2 computation would allow prediction of l2 token addresses and potential DOS attacks. #57

Closed c4-bot-4 closed 5 months ago

c4-bot-4 commented 5 months ago

Lines of code

https://github.com/code-423n4/2024-03-zksync/blob/4f0ba34f34a864c354c7e8c47643ed8f4a250e13/code/contracts/zksync/contracts/bridge/L2SharedBridge.sol#L158
https://github.com/code-423n4/2024-03-zksync/blob/4f0ba34f34a864c354c7e8c47643ed8f4a250e13/code/contracts/zksync/contracts/bridge/L2SharedBridge.sol#L153

Vulnerability details

Impact

Detailed description of the impact of this finding.

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

Tools Used

Manual Review

Recommended Mitigation Steps

It is recommended to use the user's input to generate the salt when using create2 to deploy the contract of the l2token; this is in order to allow sufficient randomness and prevent potential issues.

Assessed type

Invalid Validation

c4-bot-2 commented 5 months ago

Withdrawn by forgebyola