Submission Details
Severity: low
Invalid

Incorrect NatSpec in `L1BossBridge::depositTokensToL1()` and `L1BossBridge::sendToL1()`

Summary

The NatSpec of the L1BossBridge::depositTokensToL1() and L1BossBridge::sendToL1() functions does not match what the functions do.

Vulnerability Details

```solidity
/*
 * @notice Locks tokens in the vault and emits a Deposit event
@> * the unlock event will trigger the L2 minting process. There are nodes listening
 * for this event and will mint the corresponding tokens on L2. This is a centralized process.
 *
 * @param from The address of the user who is depositing tokens
 * @param l2Recipient The address of the user who will receive the tokens on L2
 * @param amount The amount of tokens to deposit
 */
function depositTokensToL2(address from, address l2Recipient, uint256 amount) external whenNotPaused {
    ...
}

/*
@> * @notice This is the function responsible for withdrawing ETH from L2 to L1.
 *
 * @param v The v value of the signature
 * @param r The r value of the signature
 * @param s The s value of the signature
 * @param message The message/data to be sent to L1 (can be blank)
 */
function sendToL1(uint8 v, bytes32 r, bytes32 s, bytes memory message) public nonReentrant whenNotPaused {
    ...
}
```

Impact

  • In the L1BossBridge::depositTokensToL1() function, the minting process is triggered by the lock action and not the unlock as indicated in the NatSpec.

  • The L1BossBridge::sendToL1() function is responsible for withdrawing the IERC20 _token passed in the constructor and deposited using depositTokensToL1(), not ETH, from L2 to L1.

These comments may lead to confusion when reading the code and in future maintenance and upgradability of the project. At the moment the L2 part is missing and it is supposed to be deployed in the future.

Tools Used

Manual review.

Recommendations

Edit the NatSpec.

/*
* @notice Locks tokens in the vault and emits a Deposit event
- * the unlock event will trigger the L2 minting process. There are nodes listening
+ * the lock event will trigger the L2 minting process. There are nodes listening
* for this event and will mint the corresponding tokens on L2. This is a centralized process.
*
* @param from The address of the user who is depositing tokens
* @param l2Recipient The address of the user who will receive the tokens on L2
* @param amount The amount of tokens to deposit
*/
function depositTokensToL2(address from, address l2Recipient, uint256 amount) external whenNotPaused {
...
}
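Review bot: on the `+` line, "the lock event" still refers to an event that the comment never names; the first line of the same notice says the function emits a Deposit event, so the wording should point at it, for example "the Deposit event will trigger the L2 minting process". The block also opens with `/*` rather than `/**`, so Solidity tooling will not treat it as NatSpec at all; that is worth fixing in the same change.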
/*
- * @notice This is the function responsible for withdrawing ETH from L2 to L1.
+ * @notice This is the function responsible for withdrawing the tokens from L2 to L1.
*
* @param v The v value of the signature
* @param r The r value of the signature
* @param s The s value of the signature
* @param message The message/data to be sent to L1 (can be blank)
*/
function sendToL1(uint8 v, bytes32 r, bytes32 s, bytes memory message) public nonReentrant whenNotPaused {
...
}
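Review bot: the new `@notice` replaces "ETH" with "the tokens" but still does not say which tokens or whose signature `v`, `r`, `s` must be, which matters for a `public` function that takes a signature and a `message` that "can be blank". Suggest naming the asset (the bridge's IERC20 token, per the Impact section) and documenting the expected signer and what `message` encodes. As in the first comment, the block opens with `/*` instead of `/**`, so it is not picked up as NatSpec.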
Updates

Lead Judging Commences

0xnevi Lead Judge
about 2 years ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
