Beginner FriendlyDeFiFoundry
100 EXP
View results
Submission Details
Severity: high
Valid

Wrong address in deploy script

Summary

The s_zkSyncUSDC variable in Deploy.s.sol contains an incorrect address, making it point to the wrong contract.

Vulnerability Details

In Deploy.s.sol , the s_zkSyncUSDC variable is initialized with the address 0xf69aaa25bd4dd10deb2ccd8235266f7cc815f6e9d539e9f4d47cae16e0c36a05. However, this is not the real address for the zkSync USDC token contract.

Impact

Any code that relies on s_zkSyncUSDC to interact with the zkSync USDC token contract will instead interact with the wrong contract at the invalid address. This can lead to loss of funds, failed transactions, and other issues.

Tools Used

Manual review

Recommendations

Update the s_zkSyncUSDC variable in Deploy.s.sol to contain the correct address: 0x1d17CBcF0D6D143135aE902365D2E5e2A16538D4

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

usdc-wrong-address

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.