Closed sherlock-admin closed 6 months ago
0xDetermination
medium
computePoolAddress()
computePoolAddress() bricks the protocol on zkSync.
computePoolAddress() works for all EVM-compatible L2s, but zkSync is not really EVM-compatible. It uses a different method to calculate contract addresses (https://docs.zksync.io/build/developer-reference/differences-with-ethereum.html#create-create2).
Protocol won't function on zkSync.
https://github.com/sherlock-audit/2024-02-leverage-contracts/blob/main/wagmi-leverage/contracts/abstract/ApproveSwapAndPay.sol#L251
Manual Review
Refactor computePoolAddress() to be compatible with zkSync or create a different contract for zkSync.
I have already answered in the previous audit. If we deploy to zkSync then the appropriate corrections will be made. Without them, the contract will not work.There is no bug or vulnerability here.
Invalid, known issue not fixed as seen here
So based on the following sherlock rule, this is invalid
In an update contest, issues from the previous contest with wont fix labels are not considered valid.
0xDetermination
medium
Protocol will be bricked on zkSync due to
computePoolAddress()
calculationSummary
computePoolAddress()
bricks the protocol on zkSync.Vulnerability Detail
computePoolAddress()
works for all EVM-compatible L2s, but zkSync is not really EVM-compatible. It uses a different method to calculate contract addresses (https://docs.zksync.io/build/developer-reference/differences-with-ethereum.html#create-create2).Impact
Protocol won't function on zkSync.
Code Snippet
https://github.com/sherlock-audit/2024-02-leverage-contracts/blob/main/wagmi-leverage/contracts/abstract/ApproveSwapAndPay.sol#L251
Tool used
Manual Review
Recommendation
Refactor
computePoolAddress()
to be compatible with zkSync or create a different contract for zkSync.