DeFi, Hardhat, Foundry
250,000 USDC
Submission Details
Severity: low
Invalid

Improper validation of create2 address bytecode

Vulnerability Details

BeanstalkERC20 bean = deployBean(beanSupply);
// deploy new unripe bean contract.
BeanstalkERC20 urBeanERC20 = deployUnripeBean(unripeBeanSupply);
// deploy new unripe lp contract.
BeanstalkERC20 urBeanLPERC20 = deployUnripeLP(unripeLpSupply);
// wells are deployed as ERC1967Proxies in order to allow for future upgrades.
// deploy new beanEthWell contract.
deployBeanEthWell(bean, beanEthAmounts);
// deploy new beanWstEthWell contract.
deployBeanWstEthWell(bean, beanWstethAmounts);
// deploy new beanStableWell contract.
deployBeanStableWell(bean, beanStableAmounts);

Impact

The ReseedBean.init() function is used to deploy lightweight proxy contracts. It does not revert properly when a contract deployment fails or the create2 opcode reverts, because it does not check the returned address for bytecode. The create2 opcode returns the expected address, which will never be the zero address.

Tools Used

Code review

Recommendations

Have a check for each deployment, in the assembly block right after the create2 call:

if iszero(extcodesize(result)) { revert(0, 0) }

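The check the recommendation describes, as an added example that is not Beanstalk's or the page's code: a create2 helper library (Create2Checked, deploy and predict are assumed names) that rejects a zero return (constructor reverted or ran out of gas), a non-zero address with no code (a constructor that returned empty runtime bytecode, the case a zero check alone misses), and an address that does not match the EIP-1014 prediction.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not Beanstalk's code: a create2 helper that validates a
// deployment the way the recommendation above describes. Names are assumed.
library Create2Checked {
    error DeploymentFailed();        // create2 returned address(0)
    error NoCodeAtAddress(address);  // address returned but extcodesize == 0
    error UnexpectedAddress(address expected, address actual);

    /// @dev Deploys `initCode` with `salt`, forwarding `value` wei, and
    ///      reverts unless a contract with non-empty code now sits at `result`.
    function deploy(bytes memory initCode, bytes32 salt, uint256 value)
        internal
        returns (address result)
    {
        address expected = predict(initCode, salt, address(this));
        assembly ("memory-safe") {
            // create2(value, offset, size, salt); skip the 32-byte length word
            result := create2(value, add(initCode, 0x20), mload(initCode), salt)
        }
        // Case 1: constructor reverted / out of gas -> create2 pushes 0.
        if (result == address(0)) revert DeploymentFailed();
        // Case 2: constructor succeeded but returned empty runtime code ->
        // non-zero address with no bytecode. A zero check alone misses this.
        uint256 size;
        assembly ("memory-safe") {
            size := extcodesize(result)
        }
        if (size == 0) revert NoCodeAtAddress(result);
        // Case 3: defensive: the address must match the EIP-1014 formula.
        if (result != expected) revert UnexpectedAddress(expected, result);
    }

    /// @dev EIP-1014 address: keccak256(0xff ++ deployer ++ salt ++ keccak256(initCode))[12:]
    function predict(bytes memory initCode, bytes32 salt, address deployer)
        internal
        pure
        returns (address)
    {
        bytes32 hash = keccak256(
            abi.encodePacked(bytes1(0xff), deployer, salt, keccak256(initCode))
        );
        return address(uint160(uint256(hash)));
    }
}
```

Because internal library functions are inlined, address(this) inside deploy is the calling contract, which is the deployer used in the EIP-1014 formula.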
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational/Gas

Invalid as per docs https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity

Appeal created

MSaptarshi007 Submitter about 1 year ago
inallhonesty Lead Judge about 1 year ago