DeFiFoundry
60,000 USDC
Submission Details
Severity: low
Invalid

Missing Zero Address Check in GlobalConfigurationBranch::configureSequencerUptimeFeedByChainId function

Summary

The GlobalConfigurationBranch::configureSequencerUptimeFeedByChainId function lacks validation to check for zero addresses in the sequencerUptimeFeedAddresses array. This could lead to setting an invalid address as a sequencer uptime feed, potentially disrupting protocol operations.

Vulnerability Details

The GlobalConfigurationBranch::configureSequencerUptimeFeedByChainId function allows the owner to configure sequencer uptime feed addresses for multiple chain IDs. While the function checks that both arrays (chainIds and sequencerUptimeFeedAddresses) are non-empty and have matching lengths, it does not verify that the addresses in the sequencerUptimeFeedAddresses array are non-zero.

Here is a relevant code snippet:

    function configureSequencerUptimeFeedByChainId(
        uint256[] memory chainIds,
        address[] memory sequencerUptimeFeedAddresses
    )
        external
        onlyOwner
    {
        if (chainIds.length == 0) {
            revert Errors.ZeroInput("chainIds");
        }
        if (sequencerUptimeFeedAddresses.length == 0) {
            revert Errors.ZeroInput("sequencerUptimeFeedAddresses");
        }
        if (chainIds.length != sequencerUptimeFeedAddresses.length) {
            revert Errors.ArrayLengthMismatch(chainIds.length, sequencerUptimeFeedAddresses.length);
        }
        GlobalConfiguration.Data storage globalConfiguration = GlobalConfiguration.load();
        for (uint256 i; i < chainIds.length; i++) {
            globalConfiguration.sequencerUptimeFeedByChainId[chainIds[i]] = sequencerUptimeFeedAddresses[i];
            emit LogSetSequencerUptimeFeed(msg.sender, chainIds[i], sequencerUptimeFeedAddresses[i]);
        }
    }

https://github.com/Cyfrin/2024-07-zaros/blob/main/src/perpetuals/branches/GlobalConfigurationBranch.sol#L591-L620

Impact

If a zero address is set as a sequencer uptime feed, it can lead to:

  1. Failed or unexpected behavior in protocols relying on the uptime feed.

  2. Disruptions in protocol operations, especially in functionalities dependent on accurate uptime feeds.

Tools Used

Manual Review

Recommendations

To mitigate this risk, a check should be added inside the for-loop to ensure that none of the addresses in the sequencerUptimeFeedAddresses array is a zero address. The following code snippet illustrates this:

    for (uint256 i; i < chainIds.length; i++) {
        if (sequencerUptimeFeedAddresses[i] == address(0)) {
            revert Errors.ZeroInput("sequencerUptimeFeedAddress");
        }
        globalConfiguration.sequencerUptimeFeedByChainId[chainIds[i]] = sequencerUptimeFeedAddresses[i];
        emit LogSetSequencerUptimeFeed(msg.sender, chainIds[i], sequencerUptimeFeedAddresses[i]);
    }

This additional check will prevent zero addresses from being set, ensuring the integrity and reliability of the sequencer uptime feeds.
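
The same validation can also be run off-chain over the two argument arrays before the owner transaction is sent. The script below is an added example, not code from the submission or from the Zaros repository; the function name validate_feed_config and the sample inputs are assumptions made for illustration. It mirrors the three existing on-chain checks, adds the zero-address check recommended above, and goes one step further by flagging a chain ID that appears twice in the same call.

```python
import re

ZERO_ADDRESS = "0x" + "00" * 20
_ADDRESS_RE = re.compile(r"0x[0-9a-fA-F]{40}")


def validate_feed_config(chain_ids, feed_addresses):
    """Return a list of problems; an empty list means the arguments pass."""
    problems = []
    # The three checks the on-chain function already performs.
    if not chain_ids:
        problems.append("chainIds is empty")
    if not feed_addresses:
        problems.append("sequencerUptimeFeedAddresses is empty")
    if len(chain_ids) != len(feed_addresses):
        problems.append(
            f"length mismatch: {len(chain_ids)} chain ids vs "
            f"{len(feed_addresses)} addresses"
        )
        return problems  # pairing entries is meaningless past this point
    seen = {}
    for i, (chain_id, addr) in enumerate(zip(chain_ids, feed_addresses)):
        if not isinstance(addr, str) or not _ADDRESS_RE.fullmatch(addr):
            problems.append(f"[{i}] {addr!r} is not a 20-byte hex address")
        elif int(addr, 16) == 0:
            # The check the report recommends adding inside the loop.
            problems.append(f"[{i}] zero address for chain id {chain_id}")
        if type(chain_id) is not int or not 0 <= chain_id < 2**256:
            problems.append(f"[{i}] chain id {chain_id!r} is not a uint256")
            continue
        # The loop writes the mapping in order, so a repeated chain id
        # overwrites the feed set earlier in the same call.
        if chain_id in seen:
            problems.append(f"[{i}] chain id {chain_id} repeats index {seen[chain_id]}")
        else:
            seen[chain_id] = i
    return problems


if __name__ == "__main__":
    # Constructed sample input; these are not real feed addresses.
    sample_ids = [42161, 421614, 42161]
    sample_feeds = ["0x" + "ab" * 20, ZERO_ADDRESS, "0x" + "cd" * 20]
    for line in validate_feed_config(sample_ids, sample_feeds):
        print(line)
```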

Updates

Lead Judging Commences

inallhonesty Lead Judge
over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
