DeFi, Hardhat, Foundry (250,000 USDC)
Submission Details
Severity: high
Status: Invalid

Locked ETH in L2ContractMigrationFacet.sol

Summary

This report identifies a potential issue in L2ContractMigrationFacet.sol that could lead to ETH being locked inside the contract. The issue stems from the redeemDepositsAndInternalBalances function being marked as payable even though it does not process ETH payments.

Vulnerability Details

The redeemDepositsAndInternalBalances function in the L2ContractMigrationFacet contract allows contracts to redeem deposits and internal balances onto an L2 address. However, the function is marked as payable, which means that users could accidentally or intentionally send ETH along with the function call.

The contract currently has no logic to handle this ETH: the function never reads msg.value, and there is no withdrawal path. Any ETH sent with the call therefore stays locked in the contract.

Impact

Loss of funds: Any ETH accidentally or intentionally sent through redeemDepositsAndInternalBalances will be locked in the contract and inaccessible.

Tools Used

Manual code review

Recommendations

  1. Remove the payable modifier from the redeemDepositsAndInternalBalances function. This will prevent users from accidentally sending ETH along with the function call.

  2. If the contract ever needs to accept ETH payments for future migration-related functionality, implement a secure mechanism to handle them. The purpose of such ETH payments should be clearly documented, and the mechanism should ensure they are properly processed and can be withdrawn by authorized users.
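To make the locked-ETH pattern and the effect of recommendation 1 concrete, here is an added Foundry test that is not part of the original submission or the project's code: a hypothetical payable stand-in for the facet (its redeem logic reduced to an event, with an assumed single `l2Address` parameter) is compared against the same function without `payable`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";

// Hypothetical stand-in for the facet: the redeem logic is reduced to an event so
// the ETH-handling difference stays visible. Not the project's code.
contract PayableFacet {
    event Redeemed(address indexed caller, address l2Address);

    // payable, yet msg.value is never read and no withdraw path exists
    function redeemDepositsAndInternalBalances(address l2Address) external payable {
        emit Redeemed(msg.sender, l2Address);
    }
}

contract NonPayableFacet {
    event Redeemed(address indexed caller, address l2Address);

    // without payable the EVM reverts any call that carries ETH
    function redeemDepositsAndInternalBalances(address l2Address) external {
        emit Redeemed(msg.sender, l2Address);
    }
}

contract LockedEthTest is Test {
    PayableFacet vuln;
    NonPayableFacet safe;
    address user = address(0xA11CE); // constructed test account

    function setUp() public {
        vuln = new PayableFacet();
        safe = new NonPayableFacet();
        vm.deal(user, 1 ether);
    }

    function test_PayableVersionStrandsEth() public {
        vm.prank(user);
        vuln.redeemDepositsAndInternalBalances{value: 1 ether}(address(0xBEEF));
        assertEq(address(vuln).balance, 1 ether); // stuck: nothing can move it out
    }

    function test_NonPayableVersionRejectsEth() public {
        vm.prank(user);
        (bool ok, ) = address(safe).call{value: 1 ether}(
            abi.encodeCall(NonPayableFacet.redeemDepositsAndInternalBalances, (address(0xBEEF)))
        );
        assertFalse(ok);
        assertEq(address(safe).balance, 0);
    }
}
```

Run it with `forge test --match-contract LockedEthTest` in a Foundry project that has forge-std installed; the low-level call is needed in the second test only because the compiler rejects `{value: ...}` on a non-payable function at compile time.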

Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
