Protocol does not set gas fees/USDB/WETH to claimable resulting in a loss of funds for the protocol.
Summary
Existing L2s like Optimism and Arbitrum keep sequencer fees for themselves. Blast redirects sequencer fees to the dapps that induced them, allowing smart contract developers to have an additional source of revenue. In order to claim gas fees, a contract must set its gas mode to Claimable, asides the native gas fees, Blast also has the USDB/WETH yields that it supplies to, however the TITLES Publishing Protocol fails to do configure any of these yields as claimable for all its contracts/modules resulting in a loss of revenue for the protocol.
### Q: On what chains are the smart contracts going to be deployed?
Ethereum, Base, OP, Zora, Blast, Arbitrum, zkSync, Degen
---
Evidently, protocol plans on deploying to the blast network, however no yield is configured as claimable for the network, from the Gas, Weth & USDB.
That's to say there should be like an implementation of say a BlastXGas contract which can then be inherited on the contracts to be deployed in Blast so as to get access to the yield... none of the contracts/modules implement this, i.e contract X is XX, BlastGas {
And then the definition of the contract should be something like the below
abstract contract BlastGas {
constructor(address parent_) {
IBlast(0x4300000000000000000000000000000000000002).configureClaimableGas();
IBlast(0x4300000000000000000000000000000000000002).configureGovernor(parent_);
//Then do the same for the USDB/WETH addresses
}
}
So the idea would be to set the parent as the governor and then claim the rewards via the parent. Note that inorder to claim the gas rewards, one must first configure the rewards to be claimable. This must be done so the rewards can be claimed for the modules.
Now do note that for the USDB/WETH, unlike ETH where contracts have Disabled yield by default, WETH and USDB accounts have Automatic yield by default for both EOAs and smart contracts, so this also needs to be explicitly set as "YieldMode.CLAIMAIBLE" as seen in the offficial docs: https://docs.blast.io/building/guides/weth-yield .
Impact
Loss of monetary value for protocol as they miss out on all USDB, WETH, GAS yields
TLDR:All modules in protocol to be deployed on blast.
Tool used
Manual Review
Recommendation
Apply the suggestions hinted in the Proof Of Concept, create a contract like the below and inherit it with other to deploy contracts on Blast
abstract contract BlastGas {
constructor(address parent_) {
IBlast(0x4300000000000000000000000000000000000002).configureClaimableGas();
IBlast(0x4300000000000000000000000000000000000002).configureGovernor(parent_);
//Then do the same for the USDB/WETH addresses
}
}
Then inherit it into other contracts wrapped and then to deploy on blast
Bauchibred
high
Protocol does not set gas fees/USDB/WETH to claimable resulting in a loss of funds for the protocol.
Summary
Existing L2s like Optimism and Arbitrum keep sequencer fees for themselves. Blast redirects sequencer fees to the dapps that induced them, allowing smart contract developers to have an additional source of revenue. In order to claim gas fees, a contract must set its gas mode to Claimable, asides the native gas fees, Blast also has the USDB/WETH yields that it supplies to, however the TITLES Publishing Protocol fails to do configure any of these yields as claimable for all its contracts/modules resulting in a loss of revenue for the protocol.
Vulnerability Detail
From the readMe https://github.com/sherlock-audit/2024-04-titles/blob/d7f60952df22da00b772db5d3a8272a988546089/README.md#L10-L13
Evidently, protocol plans on deploying to the blast network, however no yield is configured as claimable for the network, from the Gas, Weth & USDB.
That's to say there should be like an implementation of say a
BlastXGascontract which can then be inherited on the contracts to be deployed in Blast so as to get access to the yield... none of the contracts/modules implement this, i.econtract X is XX, BlastGas {And then the definition of the contract should be something like the below
So the idea would be to set the parent as the governor and then claim the rewards via the parent. Note that inorder to claim the gas rewards, one must first configure the rewards to be claimable. This must be done so the rewards can be claimed for the modules.
Now do note that for the USDB/WETH, unlike ETH where contracts have
Disabledyield by default, WETH and USDB accounts haveAutomatic yieldby default for both EOAs and smart contracts, so this also needs to be explicitly set as "YieldMode.CLAIMAIBLE" as seen in the offficial docs: https://docs.blast.io/building/guides/weth-yield .Impact
Loss of monetary value for protocol as they miss out on all USDB, WETH, GAS yields
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/d7f60952df22da00b772db5d3a8272a988546089/wallflower-contract-v2/src/TitlesCore.sol
https://github.com/sherlock-audit/2024-04-titles/blob/d7f60952df22da00b772db5d3a8272a988546089/wallflower-contract-v2/src/editions/Edition.sol
https://github.com/sherlock-audit/2024-04-titles/blob/d7f60952df22da00b772db5d3a8272a988546089/wallflower-contract-v2/src/fees/FeeManager.sol
https://github.com/sherlock-audit/2024-04-titles/blob/d7f60952df22da00b772db5d3a8272a988546089/wallflower-contract-v2/src/shared/Common.sol
https://github.com/sherlock-audit/2024-04-titles/blob/d7f60952df22da00b772db5d3a8272a988546089/wallflower-contract-v2/src/graph/TitlesGraph.sol
Tool used
Manual Review
Recommendation
Apply the suggestions hinted in the Proof Of Concept, create a contract like the below and inherit it with other to deploy contracts on Blast
Then inherit it into other contracts wrapped and then to deploy on blast