First Flight #5: Santa's List

First Flight #5

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: low

Valid

Incompatibility of Solidity 0.8.22 with Arbitrum: Deployment Failures Due to Unsupported PUSH0 Opcode

0xrektified

Summary

According to the documentation, the contract is intended to be deployed on the Arbitrum network using version 0.8.22:

## Compatibilities

- Solc Version: 0.8.22

- Chain(s) to deploy contract to:

- Arbitrum

- Tokens

- `SantaToken`

The Solidity files use pragma solidity 0.8.22;, which, when compiled, utilizes the opcode PUSH0. This opcode is not supported on the Arbitrum network.

https://docs.arbitrum.io/for-devs/concepts/differences-between-arbitrum-ethereum/solidity-support

The Foundry.toml file uses "paris" for the EVM version, but this setting is only applicable for tests, as explained in the Foundry documentation:

https://book.getfoundry.sh/reference/config/solidity-compiler

evm_version

Type: string

Default: london

Environment: FOUNDRY_EVM_VERSION or DAPP_EVM_VERSION

The EVM version to use during tests. The value must be an EVM hardfork name, such as london, byzantium, etc.

Vulnerability Details

SOLIDITY 0.8.22

The following POC demonstrates the deployment issue using 0.8.22.

Use the Arbitrum testnet by claiming free Arbitrum Sepolia ETH on Alchemy and use their RPC for testing this POC. We will also use a fork to avoid spending testnet ETH.

Setup a fork:

anvil --fork-url 'https://arb-sepolia.g.alchemy.com/v2/<API_KEY>' --gas-limit 100000000000

forge create ./src/SantaToken.sol:SantaToken --constructor-args $ADMIN_ADDR --private-key $TEST_NET_SECU_PUB --rpc-url 'http://127.0.0.1:8545'

[⠢] Compiling...

No files changed, compilation skipped

Error:

(code: -32000, message: intrinsic gas too high -- CallGasCostMoreThanGasLimit, data: None)

As observed, the deployment fails. To confirm it's related to Arbitrum, let's test on the Ethereum Sepolia network.

Deploy on ETH Sepolia testnet

Setup a fork

anvil --fork-url 'https://eth-sepolia.g.alchemy.com/v2/<API_KEY>' --gas-limit 100000000000

forge create ./src/SantaToken.sol:SantaToken --constructor-args $ADMIN_ADDR --private-key $TEST_NET_SECU_PUB --rpc-url 'http://127.0.0.1:8545'

[⠢] Compiling...

No files changed, compilation skipped

Deployer: ***

Deployed to: 0xc0cc44A995eE7bea6BC2564782CC92A2613ab87e

Transaction hash: 0x729be160024483e5815a870e06e17afeb1df4c3327d79216b8f612ba4d364f84

The deployment is successful

SOLIDITY 0.8.19

Now, let's change the pragma version in our Solidity files to 0.8.19.

Setup a fork

anvil --fork-url 'https://arb-sepolia.g.alchemy.com/v2/<API_KEY>' --gas-limit 100000000000

Deploy the contract on ARB Sepolia testnet

forge create ./src/SantaToken.sol:SantaToken --constructor-args $ADMIN_ADDR --private-key $TEST_NET_SECU_PUB --rpc-url 'http://127.0.0.1:8545'

[⠢] Compiling...

[⠆] Compiling 38 files with 0.8.19

[⠒] Solc 0.8.19 finished in 3.19s

Deployer: ***

Deployed to: 0xc0cc44A995eE7bea6BC2564782CC92A2613ab87e

Transaction hash: 0x57e29d69c98baf710f86590a320566665923594414bffdd55a796abe67b489d5

Verify that minting works:

cast call 0xc0cc44A995eE7bea6BC2564782CC92A2613ab87e\

"balanceOf(address)(uint256)" $ADMIN_ADDR\

--rpc-url 'http://127.0.0.1:8545'

Result

$: 0 #<- Value is 0

cast send 0xc0cc44A995eE7bea6BC2564782CC92A2613ab87e "mint(address)" $ADMIN_ADDR \

--rpc-url 'http://127.0.0.1:8545' --private-key $TEST_NET_SECU_PUB

Result

blockHash 0x0415285568ff35d767269a96df985c2afa9ed3bcfe95267c35d6c2ed84a9343d

blockNumber 2050981

contractAddress

cumulativeGasUsed 68074

effectiveGasPrice 3076562501

gasUsed 68074

logs [{"address":"0xc0cc44a995ee7bea6bc2564782cc92a2613ab87e","topics":["0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef","0x0000000000000000000000000000000000000000000000000000000000000000","0x000000000000000000000000***"],"data":"0x0000000000000000000000000000000000000000000000000de0b6b3a7640000","blockHash":"0x0415285568ff35d767269a96df985c2afa9ed3bcfe95267c35d6c2ed84a9343d","blockNumber":"0x1f4ba5","transactionHash":"0xd665b841daf7b46314d1d33c629b4e233d8598362f37d4967e53dbd455e211aa","transactionIndex":"0x0","logIndex":"0x0","transactionLogIndex":"0x0","removed":false}]

logsBloom 0x00000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000001000008000000000000000000000000000000000000000000000000020000000000000000000800000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000002000000000000000000000000000800000000000000000000000020001000000000000000000000000000000000000000000000000000000000000000

root

status 1

transactionHash 0xd665b841daf7b46314d1d33c629b4e233d8598362f37d4967e53dbd455e211aa

transactionIndex 0

type 2

cast call 0xc0cc44A995eE7bea6BC2564782CC92A2613ab87e\

"balanceOf(address)(uint256)" $ADMIN_ADDR\

--rpc-url 'http://127.0.0.1:8545'

Result

$: 1000000000000000000 #<- Value is 1000000000000000000

Impact

The impact is high for the following reasons:

Deployment Failure: This issue directly prevents the deployment of the contract on the Arbitrum network using Solidity 0.8.22, which is a significant obstacle for the project planning to deploy on Arbitrum.

Requirement of Version Downgrade: The need to downgrade the Solidity version to avoid this issue necessitates additional work, including re-auditing the contract. This adds time, cost, and complexity to the development process.

Potential for Unnoticed Deployment Issues: Developers might not immediately recognize this incompatibility, leading to wasted resources and potentially delayed project timelines.

Tools Used

Manual review and official documentation

https://docs.arbitrum.io/for-devs/concepts/differences-between-arbitrum-ethereum/solidity-support

https://book.getfoundry.sh/reference/config/solidity-compiler

Recommendations

Downgrade the contract's pragma version and test the implementation to ensure it works after the downgrade.

Always test your contract on a testnet before releasing it to ensure full functionality as expected.

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

Incompatible Pragma Version on Arbi

Information on compatibility here: https://docs.arbitrum.io/for-devs/concepts/differences-between-arbitrum-ethereum/solidity-support Impact - failed deployment - Protocol would need to adjust their pragma versions to be compatible and redeploy

billobaggebilleyan Auditor

over 1 year ago

patrickalphac Auditor

over 1 year ago

equious Auditor

over 1 year ago

inallhonesty Lead Judge over 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

Incompatible Pragma Version on Arbi

Rewards breakdown

nSLOC

116

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.