Beanstalk: The Finale
Beanstalk
DeFiHardhatFoundry
250,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

WellPrice.sol assumes Beanstalk will have the same address on L2 after migration

T1MOH

Summary

BEANSTALK is hardcoded to 0xC1E088fC1323b20BCBee9bd1B9fC9546db5624C5 and further used in code to get BDV:

function getConstantProductWell(address wellAddress) public view returns (P.Pool memory pool) {
...
@> try BEANSTALK.bdv(wellAddress, WELL_DECIMALS) returns (uint256 bdv) {
pool.lpBdv = bdv;
} catch {}
}

However after migration Beanstalk address will differ from hardcoded 0xC1E088fC1323b20BCBee9bd1B9fC9546db5624C5 because of 2 reasons:

  1. ZkSync has different formula for address derivation https://docs.zksync.io/build/developer-reference/ethereum-differences/evm-instructions#address-derivation

  2. Originally on Mainnet Beanstalk was deployed in 8th transaction from address Beanstalk: Publius according to Etherscan. Theoretically it's possible to deploy into the same address on L2, however it's not done currently which can be derived from the Reseed scripts: firstly all the facets deployed, and only then Diamond contract

Impact

WellPrice.sol and BeanstalkPrice.sol will not work after migration.

Tools Used

Manual Review

Recommendations

Pass Beanstalk address into constructor in WellPrice.sol

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.