Closed github-actions[bot] closed 1 year ago
sach1r0
low
BaseFeeVault.sol
Accidentaly setting the recipient to address(0) will lead to lose of 10 ether
address(0)
The BaseFeeVault.sol contract does not sanitize with address(0) check in its constructor and this might lead to losing of 10 ether.
10 ether might be lost in case the recipient is accidentally set to address(0).
https://github.com/ethereum-optimism/optimism/blob/3f4b3c328153a8aa03611158b6984d624b17c1d9/packages/contracts-bedrock/contracts/L2/BaseFeeVault.sol#L19-L20 https://github.com/ethereum-optimism/optimism/blob/3f4b3c328153a8aa03611158b6984d624b17c1d9/packages/contracts-bedrock/contracts/L2/SequencerFeeVault.sol#L20 https://github.com/ethereum-optimism/optimism/blob/3f4b3c328153a8aa03611158b6984d624b17c1d9/packages/contracts-bedrock/contracts/L2/L1FeeVault.sol#L19
Manual Review
I suggest adding a zero address check in the constructor such as: require(_recipient != address(0))
require(_recipient != address(0))
sach1r0
low
Lack of zero-address check in the constructor of
BaseFeeVault.sol
Summary
Accidentaly setting the recipient to
address(0)
will lead to lose of 10 etherVulnerability Detail
The
BaseFeeVault.sol
contract does not sanitize withaddress(0)
check in its constructor and this might lead to losing of 10 ether.Impact
10 ether might be lost in case the recipient is accidentally set to
address(0)
.Code Snippet
https://github.com/ethereum-optimism/optimism/blob/3f4b3c328153a8aa03611158b6984d624b17c1d9/packages/contracts-bedrock/contracts/L2/BaseFeeVault.sol#L19-L20 https://github.com/ethereum-optimism/optimism/blob/3f4b3c328153a8aa03611158b6984d624b17c1d9/packages/contracts-bedrock/contracts/L2/SequencerFeeVault.sol#L20 https://github.com/ethereum-optimism/optimism/blob/3f4b3c328153a8aa03611158b6984d624b17c1d9/packages/contracts-bedrock/contracts/L2/L1FeeVault.sol#L19
Tool used
Manual Review
Recommendation
I suggest adding a zero address check in the constructor such as:
require(_recipient != address(0))