Skip to content
This repository has been archived by the owner on Sep 1, 2024. It is now read-only.

0xDetermination - Protocol will be bricked on zkSync due to computePoolAddress() calculation #35

Closed
sherlock-admin opened this issue Feb 27, 2024 · 2 comments
Closed

0xDetermination - Protocol will be bricked on zkSync due to computePoolAddress() calculation #35

sherlock-admin opened this issue Feb 27, 2024 · 2 comments
Labels
Excluded Excluded by the judge without consulting the protocol or the senior Non-Reward This issue will not receive a payout Sponsor Disputed The sponsor disputed this issue's validity Won't Fix The sponsor confirmed this issue will not be fixed

Comments

@sherlock-admin
Copy link
Contributor

sherlock-admin commented Feb 27, 2024
edited by sherlock-admin3
Loading

0xDetermination

medium

Protocol will be bricked on zkSync due to computePoolAddress() calculation

Summary

computePoolAddress() bricks the protocol on zkSync.

Vulnerability Detail

computePoolAddress() works for all EVM-compatible L2s, but zkSync is not really EVM-compatible. It uses a different method to calculate contract addresses (https://docs.zksync.io/build/developer-reference/differences-with-ethereum.html#create-create2).

Impact

Protocol won't function on zkSync.

Code Snippet

https://github.com/sherlock-audit/2024-02-leverage-contracts/blob/main/wagmi-leverage/contracts/abstract/ApproveSwapAndPay.sol#L251

Tool used

Manual Review

Recommendation

Refactor computePoolAddress() to be compatible with zkSync or create a different contract for zkSync.
@sherlock-admin2 sherlock-admin2 added Sponsor Disputed The sponsor disputed this issue's validity Won't Fix The sponsor confirmed this issue will not be fixed labels Feb 27, 2024
@fann95
Copy link

fann95 commented Feb 28, 2024

I have already answered in the previous audit. If we deploy to zkSync then the appropriate corrections will be made. Without them, the contract will not work.There is no bug or vulnerability here.

@github-actions github-actions bot added Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Excluded Excluded by the judge without consulting the protocol or the senior labels Feb 29, 2024
@github-actions github-actions bot mentioned this issue Feb 29, 2024
Closed
@nevillehuang
Copy link
Collaborator

Invalid, known issue not fixed as seen here

So based on the following sherlock rule, this is invalid

  1. In an update contest, issues from the previous contest with wont fix labels are not considered valid.

@sherlock-admin3 sherlock-admin3 changed the title Huge Teal Octopus - Protocol will be bricked on zkSync due to computePoolAddress() calculation 0xDetermination - Protocol will be bricked on zkSync due to computePoolAddress() calculation Mar 7, 2024
@sherlock-admin3 sherlock-admin3 added Non-Reward This issue will not receive a payout and removed Has Duplicates A valid issue with 1+ other issues describing the same vulnerability labels Mar 7, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Excluded Excluded by the judge without consulting the protocol or the senior Non-Reward This issue will not receive a payout Sponsor Disputed The sponsor disputed this issue's validity Won't Fix The sponsor confirmed this issue will not be fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@fann95 @nevillehuang @sherlock-admin @sherlock-admin2 @sherlock-admin3