Open nathanglb opened 1 month ago
I recreated the sequence that caused the failure and did a deeper dive. The problem appears to be that there is no sanitization of actor/msg.sender to ensure the actors are not the handler and weth contracts. Here's what happens:
Sequence of Events:
2430412327
WETH, while WETH got 2430412327
ETH.2430412327
ETH, generating another deposit. WETH contract now holds 2430412327
ETH AND 2430412327
WETH.The balances will not add up properly as a result. I think that adding address sanitization to the invariant test suite will resolve this issue.
Changing the createActor
modifier like so should fix the tests.
modifier createActor() {
if (msg.sender == address(weth) ||
msg.sender == address(this)) {
assembly {
return(0,0)
}
}
currentActor = msg.sender;
_actors.add(msg.sender);
_;
}
I copied the deployed bytecode for WETH9 from Ethereum mainnet and used vm.etch to point the invariant test suite at the live implementation. I cranked up the number of runs to 500 and depth to 500, and then allowed a deep exploration of WETH9 against your invariants. It ran fine for several explorations (about 10 minutes per exploration), but eventually I encountered a case where an invariant condition was broken.
I'm assuming there may be a small problem in the invariant test suite that is causing this.
The following are the modifications I made to target mainnet WETH9.