Submission Details
Severity: high
Valid

`L1BossBridge::depositTokensToL2()` - Potential Overflow in Deposit Limit Check

Summary

In the L1BossBridge::depositTokensToL2() function, the deposit limit is checked by adding the amount to be deposited to the current balance of the vault. If the sum of the current balance and the amount to be deposited exceeds the maximum value of a uint256, this could potentially lead to an overflow error.

Vulnerability Details

```solidity
function depositTokensToL2(address from, address l2Recipient, uint256 amount) external whenNotPaused {
@>  if (token.balanceOf(address(vault)) + amount > DEPOSIT_LIMIT) {
        revert L1BossBridge__DepositLimitReached();
    }
    token.safeTransferFrom(from, address(vault), amount);
    // Our off-chain service picks up this event and mints the corresponding tokens on L2
    emit Deposit(from, l2Recipient, amount);
}
```

Impact

In the event of an overflow, the deposit limit check could pass even when it should not, allowing more tokens to be deposited than the intended limit.

Tools Used

Manual Review

Recommendations

To mitigate this risk, check if the deposit limit is exceeded before adding the amount to the current balance of the vault. This would prevent the possibility of an overflow error.
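
One way to express the recommended check, shown with Foundry tests that compare it against the add-first form. This is an added example, not code from the submission or from the L1BossBridge project. It assumes Solidity 0.8.x checked arithmetic and forge-std; the `LimitCheck` harness, its function names and the `DEPOSIT_LIMIT` value are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test, stdError} from "forge-std/Test.sol";

// Hypothetical harness isolating the limit check; not the L1BossBridge contract.
contract LimitCheck {
    error DepositLimitReached();
    // Constructed value; the page does not state the real DEPOSIT_LIMIT.
    uint256 public constant DEPOSIT_LIMIT = 100_000 ether;

    // Same shape as the page's check: the sum is computed before the comparison.
    function addFirst(uint256 vaultBalance, uint256 amount) external pure {
        if (vaultBalance + amount > DEPOSIT_LIMIT) revert DepositLimitReached();
    }

    // Rearranged: compare amount with the remaining headroom, so nothing is added.
    // The first clause keeps the subtraction from underflowing when the balance
    // is already above the limit.
    function headroom(uint256 vaultBalance, uint256 amount) external pure {
        if (vaultBalance > DEPOSIT_LIMIT || amount > DEPOSIT_LIMIT - vaultBalance) {
            revert DepositLimitReached();
        }
    }
}

contract LimitCheckTest is Test {
    LimitCheck internal c = new LimitCheck();

    function test_addFirst_overflowPanics() public {
        // With checked arithmetic the overflowing sum reverts with Panic(0x11),
        // not with the custom error.
        vm.expectRevert(stdError.arithmeticError);
        c.addFirst(1, type(uint256).max);
    }

    function test_headroom_sameInputsHitCustomError() public {
        vm.expectRevert(LimitCheck.DepositLimitReached.selector);
        c.headroom(1, type(uint256).max);
    }

    function testFuzz_headroom_matchesAddFirst(uint128 bal, uint128 amt) public {
        // In the non-overflowing range both forms must agree.
        bool over = uint256(bal) + amt > c.DEPOSIT_LIMIT();
        if (over) vm.expectRevert(LimitCheck.DepositLimitReached.selector);
        c.headroom(bal, amt);
    }
}
```

Run with `forge test` from a Foundry project that has forge-std installed.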

Updates

Lead Judging Commences

0xnevi Lead Judge almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

depositTokensToL2(): DoS deposits via DEPOSIT_LIMIT
