Fjord Token Staking

Description

The AuctionFactory::createAuction function claims to use the create2 opcode to create new auction contracts, as indicated by the NatSpec comment above the function. However, the implementation does not explicitly use create2 for deterministic contract creation. Instead, it uses the new keyword with a salt, which does not guarantee deterministic address generation unless the underlying EVM utilizes create2, which is not explicitly indicated in the code.

This discrepancy between the documentation and the actual implementation could lead to confusion for developers and users who rely on the NatSpec comments for understanding the behavior of the contract.

Impact

• Developer Misunderstanding: Developers may incorrectly assume that the auction contracts are deployed with deterministic addresses using create2, potentially leading to flawed system designs or assumptions.

• User Confusion: Users might expect certain properties from the contract deployment, such as the ability to pre-calculate the address of the new contract, which is not possible with the current implementation.

• Security Considerations: If create2 was intended for security purposes (e.g., for predictability or ensuring certain deployment guarantees), not using it could introduce unexpected risks.

Proof of Concept

The NatSpec comment in the AuctionFactory::createAuction function states:

However, the function implementation does not utilize create2:

The lack of create2 usage means that the address of the new auction contract is not deterministically generated based on the salt, deployer address, and bytecode as one might expect from reading the documentation.

Recommended Mitigation

• Update NatSpec Documentation: If deterministic address creation using create2 is not required, update the NatSpec comments to accurately describe the contract creation process, removing any mention of create2.

• Implement create2: If deterministic address creation is necessary, modify the AuctionFactory::createAuction function to explicitly use create2 for deploying the FjordAuction contract. This can be achieved by manually constructing the contract's bytecode and deploying it with the create2 opcode within an inline assembly block.

Classification: Documentation and Functional Discrepancy

This issue is classified under two categories:

1. Documentation Issue: The NatSpec documentation incorrectly describes the functionality of the AuctionFactory::createAuction function, which may lead to misunderstandings.

2. Functional Discrepancy: There is a mismatch between the intended or perceived functionality (using create2 for deterministic contract creation) and the actual implementation.

Severity: Low to Medium

• Low Severity: If the discrepancy is purely a matter of documentation and does not impact the functionality of the contract, this would be a low-severity issue. It can be resolved by simply updating the documentation to match the implementation.

• Medium Severity: If the expectation was that create2 would be used for security or functional reasons (e.g., needing deterministic contract addresses for system design, predictability, or security guarantees), then the issue would be classified as medium severity. The mismatch could potentially lead to incorrect assumptions and vulnerabilities in systems that rely on deterministic addresses.