Beanstalk: The Finale

Beanstalk

DeFiHardhatFoundry

250,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

Beans migration is not possible due to missing gas fee

holydevoti0n

Summary

The migrateL2Beans function in the BeanL2MigrationFacet contract fails to migrate Beans from Ethereum to L2 because it lacks the ability to receive Ether through msg.value, which is necessary to cover the gas fee for the sendMessage function.

Vulnerability Details

The migrateL2Beans function does not include the payable modifier, preventing it from receiving Ether needed for the gas fee in the sendMessage function call.

contract BeanL2MigrationFacet is Invariable, ReentrancyGuard {

address constant BRIDGE = address(0x866E82a600A1414e583f7F13623F1aC5d58b0Afa);

/**

* @notice migrates `amount` of Beans to L2,

* issued to `reciever`.

function migrateL2Beans(

address reciever,

address L2Beanstalk,

uint256 amount,

uint32 gasLimit

@> ) external nonReentrant {

C.bean().burnFrom(msg.sender, amount);

// send data to

IL2Bridge(BRIDGE).sendMessage(

L2Beanstalk,

abi.encodeCall(IBeanL1RecieverFacet(L2Beanstalk).recieveL1Beans, (reciever, amount)),

gasLimit

);

}

The function cannot receive Ether because it lacks the payable modifier, resulting in the inability to provide the necessary gas fee for the sendMessage function call.

Impact

DoS - Due to the inability to cover the gas fee, the Beans migration process from Ethereum to L2 is not possible.

Tools Used

Manual Review

https://docs.optimism.io/stack/protocol/rollup/deposit-flow

Recommendations

Add a payablemodifier for the function and also a check to ensure the gas fees are being sent.

function migrateL2Beans(

address reciever,

address L2Beanstalk,

uint256 amount,

uint32 gasLimit

- ) external nonReentrant {

+ ) external payable nonReentrant {

+ require(msg.value > 0, "Gas payment is required");

C.bean().burnFrom(msg.sender, amount);

// send data to

IL2Bridge(BRIDGE).sendMessage(

L2Beanstalk,

abi.encodeCall(IBeanL1RecieverFacet(L2Beanstalk).recieveL1Beans, (reciever, amount)),

gasLimit

);

}

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Assigned finding tags:

Beans migration is not possible due to missing gas fee

Appeal created

holydevoti0n Submitter

12 months ago

golanger85 Auditor

12 months ago

inallhonesty Lead Judge

12 months ago

inallhonesty Lead Judge 12 months ago

Submission Judgement Published

Invalidated

Reason: Known issue

Assigned finding tags:

Beans migration is not possible due to missing gas fee

Prize pool breakdown

Total prize

250,000 USDC

nSLOC

12,285

20 USDC / LOC

High Medium

220,000 USDC

Low

10,000 USDC

Judges

20,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.