Security and Deployment Analysis of Metis Network Smart Contract Deployment Script

This report evaluates a deployment script that uses Hardhat and Ethers.js to interact with the Metis blockchain. The script switches the wallet to the Metis network and deploys two smart contracts: SequencerRewardsCCIPSender and BurnMintERC677 (the Wrapped stMETIS token). Both are deployed as upgradeable contracts so that their logic can be changed later without redeploying the whole contract. The deployment flow is: switch to the Metis network, fetch the existing METISToken contract, deploy the two contracts, and update the deployment records.
Network Switching Failure: The switchNetwork function issues an HTTP POST to a service listening at http://<host>:1248. The call site switchNetwork(1088, '') passes an empty string as the host, so the request URL is malformed and the switch to Metis Andromeda (chain ID 1088) fails, halting the deployment. The host is not validated before the request is sent. Note also that a successful response from the switch endpoint does not by itself prove the provider is on chain 1088; the script should confirm the chain ID before deploying.
Zero Address Use: ethers.constants.AddressZero is used as a placeholder for critical constructor arguments of SequencerRewardsCCIPSender (the CCIP router and the rewards transfer initiator). If these placeholders reach production, the sender has no real router to route cross-chain messages through, and if the contract gates reward transfers on the initiator address, that check compares against an address nobody controls. The result is a contract that is either non-functional or whose reward-transfer path cannot be exercised by the intended party.
Lack of Error Handling in Contract Fetching: getContract('METISToken') assumes the token is already deployed and recorded on the target network. If the deployment record is missing, or the stored address or ABI is wrong, the call fails (or returns a handle to an address with no code) and the rest of the deployment aborts. Nothing checks that contract code exists at the address before it is used.
Network Switching Issues: If the script cannot switch to the Metis network because the host is empty or wrong, the whole deployment stops before any contract is deployed. This breaks the continuity of the deployment pipeline, and it is most damaging when deployments to several environments are automated, since one misconfigured host halts the run without a clear cause.
Zero Address Usage: Placeholder addresses lead to invalid contract operations or to cross-chain reward transfers that cannot complete. In production this means rewards are not distributed or handled correctly, which directly affects platform functionality and user trust, and fixing it after the fact requires a new deployment or an upgrade.
Contract Fetching Failure: If the METISToken contract is unavailable or fetched with a wrong address or ABI, every subsequent deployment step that depends on it fails. This affects any component that relies on token interactions, in particular the tokenomics and reward distribution mechanisms built around METISToken.
Hardhat: A development environment to compile, deploy, and test smart contracts.
Validate Host Argument for Network Switching: Check that the host argument is a non-empty, well-formed hostname or IP address before switchNetwork sends its request, and fail fast with a clear message if it is not. Load the host from configuration files or environment variables rather than hard-coding it at the call site, and after the switch confirm that the provider reports the expected chain ID (1088 for Metis) before deploying anything.
Replace Zero Addresses: Review the ethers.constants.AddressZero entries in RewardsSenderArgs and supply the real CCIP router and rewards transfer initiator addresses before any production deployment. A pre-deployment check that rejects the zero address for these arguments outside local development prevents the placeholders from being deployed by mistake.
Improve Contract Fetching Error Handling: Wrap the getContract('METISToken') lookup so that a missing record or a wrong address produces a specific error instead of an unexplained failure later in the run. Query the node for code at the recorded address (eth_getCode) and abort if it returns empty, logging the network, contract name and address that failed.
Use Environment-Specific Configuration: Keep separate configurations for development, staging, and production (network host, chain ID, contract addresses) and select one explicitly per run. Placeholder addresses and local hosts then stay confined to development, and production runs fail early if a required value is absent.
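The four recommendations above can be enforced as one pre-flight step that runs before the script switches networks or deploys anything. The following is an added example written for this report, not code from the audited deployment script or the project. It is plain Node.js with no Hardhat or Ethers.js dependency so that it runs offline, and it assumes that the switch endpoint at http://<host>:1248 accepts an EIP-3326 wallet_switchEthereumChain JSON-RPC request, that the provider object exposes getCode and getChainId as an ethers provider does, and that every value in NETWORKS and the fakeProvider stand-in is hypothetical.

```javascript
// Added example for this report, not the audited script's code. Pre-flight
// checks for a Hardhat/Ethers.js deployment: empty switchNetwork host,
// ethers.constants.AddressZero placeholders in RewardsSenderArgs, and a
// getContract('METISToken') that assumes the token is deployed.
// Assumptions: the switch endpoint accepts EIP-3326 wallet_switchEthereumChain
// over JSON-RPC on port 1248, the provider exposes getCode/getChainId, and all
// NETWORKS values are hypothetical.

const ZERO_ADDRESS = '0x0000000000000000000000000000000000000000';

// Environment-specific configuration: placeholders are tolerated only on the
// local hardhat network, and the production host comes from the environment.
const NETWORKS = {
  hardhat: { chainId: 31337, frameHost: '127.0.0.1', allowPlaceholders: true },
  metis: { chainId: 1088, frameHost: process.env.FRAME_HOST || '', allowPlaceholders: false },
};

// Bare hostname or dotted IPv4 only; schemes, paths and ports are rejected so a
// misconfigured host fails before any request is sent.
const HOST_RE = /^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)*$/;

function frameUrl(host, port = 1248) {
  if (typeof host !== 'string' || host.trim() === '') {
    throw new Error('switchNetwork: host is empty; set FRAME_HOST or pass an explicit host');
  }
  if (!HOST_RE.test(host)) {
    throw new Error(`switchNetwork: "${host}" is not a bare hostname or IPv4 address`);
  }
  if (!Number.isInteger(port) || port < 1 || port > 65535) {
    throw new Error(`switchNetwork: invalid port ${port}`);
  }
  return `http://${host}:${port}`;
}

// POST body for the switch. Chain IDs travel as 0x-prefixed hex (1088 -> 0x440).
function switchNetworkRequest(chainId, host) {
  if (!Number.isInteger(chainId) || chainId <= 0) {
    throw new Error(`switchNetwork: invalid chainId ${chainId}`);
  }
  return {
    url: frameUrl(host),
    body: {
      jsonrpc: '2.0',
      id: 1,
      method: 'wallet_switchEthereumChain',
      params: [{ chainId: '0x' + chainId.toString(16) }],
    },
  };
}

// A 2xx from the switch endpoint is not proof the switch happened: ask the
// provider which chain it is on and refuse to continue if it is not the target.
async function assertOnChain(provider, expectedChainId) {
  const actual = Number(await provider.getChainId());
  if (actual !== expectedChainId) {
    throw new Error(`expected chain ${expectedChainId} but provider reports ${actual}`);
  }
  return actual;
}

// Reject malformed addresses always, and zero-address placeholders unless the
// environment explicitly allows them (development only).
function checkAddressArgs(args, { allowPlaceholders }) {
  const problems = [];
  for (const [name, value] of Object.entries(args)) {
    if (typeof value !== 'string' || !/^0x[0-9a-fA-F]{40}$/.test(value)) {
      problems.push(`${name}: not a 20-byte hex address`);
    } else if (value.toLowerCase() === ZERO_ADDRESS && !allowPlaceholders) {
      problems.push(`${name}: zero-address placeholder is not allowed here`);
    }
  }
  if (problems.length > 0) {
    throw new Error('constructor args rejected: ' + problems.join('; '));
  }
  return true;
}

// Guarded replacement for getContract(name): confirm bytecode exists at the
// recorded address. eth_getCode returns "0x" for an EOA or an unused address.
async function requireDeployed(provider, name, address) {
  if (typeof address !== 'string' || !/^0x[0-9a-fA-F]{40}$/.test(address)) {
    throw new Error(`${name}: no valid address in the deployments record`);
  }
  const code = await provider.getCode(address);
  if (!code || code === '0x') {
    throw new Error(`${name}: no contract code at ${address}; deploy it or fix the record`);
  }
  return address;
}

// Runs every check in order and returns the validated plan, or throws with the
// specific reason, so a pipeline stops before spending gas.
async function preflight(envName, provider, deployments, rewardsSenderArgs) {
  const cfg = NETWORKS[envName];
  if (!cfg) throw new Error(`unknown environment "${envName}"`);
  const switchRequest = switchNetworkRequest(cfg.chainId, cfg.frameHost);
  await assertOnChain(provider, cfg.chainId);
  checkAddressArgs(rewardsSenderArgs, cfg);
  const metisToken = await requireDeployed(provider, 'METISToken', deployments.METISToken);
  return { chainId: cfg.chainId, switchRequest, metisToken };
}

// Constructed in-memory stand-in for an ethers provider, for offline runs only.
function fakeProvider(chainId, codeByAddress) {
  return {
    getChainId: async () => chainId,
    getCode: async (address) => codeByAddress[address.toLowerCase()] || '0x',
  };
}
```

In the real script, preflight would be called with the Hardhat provider and the deployments record before switchNetwork, and the returned switchRequest posted with the existing HTTP client. With FRAME_HOST unset, preflight('metis', ...) fails on the empty host exactly as the switchNetwork(1088, '') call site does, but with a message that names the cause.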