Create3 library may not work as intended on the zksync
Zksync have subtle difference with mainnet due to which the create3 will not work as intended there.
Vulnerability Detail
Looking at the following link we can see that:
create, create2, call opcodes mainly work differently on zksync and also create require the bytecode in advance. And the solady create3 utility was not made keeping these things in mind.
And create3 is based upon all lot of opcodes mentioned in above link thus the deployment may not work at all on zksync and keep reverting.
As the docs mention:
And solady is compeletely in assembly which is not the recommended way of using create and create2 on zksync
Need to develop a separate create3 methodology and code for zksync, instead of using solady which was written keeping mainnet in mind.
function _generateAnchor(bytes32 _profileId, string memory _name) internal returns (address anchor) {
bytes32 salt = keccak256(abi.encodePacked(_profileId, _name));
address preCalculatedAddress = CREATE3.getDeployed(salt);
// check if the contract already exists and if the profileId matches
if (preCalculatedAddress.code.length > 0) {
if (Anchor(payable(preCalculatedAddress)).profileId() != _profileId) revert ANCHOR_ERROR();
anchor = preCalculatedAddress;
} else {
// check if the contract has already been deployed by checking code size of address
bytes memory creationCode = abi.encodePacked(type(Anchor).creationCode, abi.encode(_profileId));
// Use CREATE3 to deploy the anchor contract
anchor = CREATE3.deploy(salt, creationCode, 0);
}
}
0xnirlin
high
Create3 library may not work as intended on the zksync
Zksync have subtle difference with mainnet due to which the create3 will not work as intended there.
Vulnerability Detail
Looking at the following link we can see that:
create, create2, call opcodes mainly work differently on zksync and also create require the bytecode in advance. And the solady create3 utility was not made keeping these things in mind.
And create3 is based upon all lot of opcodes mentioned in above link thus the deployment may not work at all on zksync and keep reverting.
As the docs mention: And solady is compeletely in assembly which is not the recommended way of using create and create2 on zksync
Need to develop a separate create3 methodology and code for zksync, instead of using solady which was written keeping mainnet in mind.
Impact
create3 will not properly work on zksync
Code Snippet
https://github.com/sherlock-audit/2023-09-Gitcoin/blob/main/allo-v2/contracts/core/Registry.sol#L335-L352
Tool used
Manual Review
Recommendation
Duplicate of #862