Arbitrum should use `ArbSys(100).arbBlockNumber()` as L2 block number
Arbitrum should use ArbSys(100).arbBlockNumber() as L2 block number
Code snippets
https://github.com/Cyfrin/2024-12-quantamm/blob/main/pkg/pool-hooks/contracts/hooks-quantamm/UpliftOnlyExample.sol#L610
Summary
On Arbitrum, L2 block number is retrieved by ArbSys(100).arbBlockNumber() instead of block.number. But UpliftOnlyExample.afterUpdate function still uses block.number to set blockTimestampDeposit which leads to wrong data.
Vulnerability Details
The vulnerability exists in the afterUpdate function of the UpliftOnlyExample contract.
block.number on Arbitrum
On Arbitrum, block.number represents the L1 block number instead of the L2 block number. This causes the blockTimestampDeposit field to store incorrect values when deployed on Arbitrum.
Impact
Incorrect blockTimestampDeposit values can disrupt time-sensitive logic or operations that rely on accurate L2 block numbers.
Tools Used
Manual Review
Recommendations
In arbirtrum, use ArbSys(100).arbBlockNumber() instead of block.number.
Lead Judging Commences
invalid_Arbitrum_block_number
The real bug is that blockTimestampDeposit should use “block.timestamp” and not number.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.