ccashwell
commented
2 months ago This is not valid, the address constant is only used internally and with the 0xSplits protocol which hardcodes the same address as specified by ERC7528.
Closed sherlock-admin4 closed 2 months ago
ccashwell
commented
2 months ago This is not valid, the address constant is only used internally and with the 0xSplits protocol which hardcodes the same address as specified by ERC7528.
sil3th
medium
Protocol will not work on most of the supported blockchains due to hardcoded ETH contract address.
Summary
The Eth address is hardcoded in the `Common.sol`` file.
Vulnerability Detail
As stated in the README.md, the protocol will be deployed on the following blockchains-Ethereum, Base, OP, Zora, Blast, Arbitrum, zkSync, Degen. Most functionalities will not work as a result of the hardcoded
ETH_AddressImpact
Protocol will not work on most of the supported blockchains.
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/d7f60952df22da00b772db5d3a8272a988546089/wallflower-contract-v2/src/shared/Common.sol#L31
Tool used
Manual Review
Recommendation
Deploy a registry contract that maps chain identifiers (like network IDs or names) to contract addresses. This way, your main contract can query the registry to get the correct address for each chain