Part 2

Zaros

PerpetualsDEXFoundrySolidity

70,000 USDC

View results

Previous Next

Submission Details

Severity: low

Valid

ERC7201 implemented in correctly may introduce storage complications in future hard forks.

thedoctor

Summary

ERC-7201 (formerly EIP-7201) is a standard for grouping storage variables together by a common identifier called a namespace, and also to document the group of variables via NatSpec annotation. The purpose of the standard is to simplify managing storage variables during upgrades.

The formula proposed above is used to guarantee a crucial property of the new root: that it does not collide with an original grammar element — i.e. the possible space of storage locations the Solidity compiler could assign a variable to by default.

Tree Proxy Pattern is our novel modular, and opinionated proxy pattern solution designed to address key industry problems faced by large smart contract systems, by introducing the following solutions:

Simplified terminology (Compared to e.g EIP-2535)
EIP-7201 compatible
Clear testing paths (leveraging BTT)
Composability over inheritance
Upgradeability

Vulnerability Details

Contracts Affected in leaves directory:
```

│ ├── leaves/
│ │ ├── AssetSwapPath.sol
│ │ ├── Collateral.sol
│ │ ├── CreditDelegation.sol
│ │ ├── DexSwapStrategy.sol
│ │ ├── Distribution.sol
│ │ ├── LiveMarkets.sol
│ │ ├── Market.sol
│ │ ├── MarketMakingEngineConfiguration.sol
│ │ ├── StabilityConfiguration.sol
│ │ ├── Swap.sol
│ │ ├── UsdTokenSwapConfig.sol
│ │ ├── Vault.sol
│ │ └── WithdrawalRequest.sol

```

Implemented codes specified ERC-7201 but was not implemented correctly. The full formula is keccak256(keccak256(namespace) - 1) & ~0xff. It is missing the & ~0xff for all the contracts in leaves directory.

Performing the AND NOT 0xff operation transforms the rightmost byte of the location to 00. This prepares for a future upgrade when Ethereum switches its storage data structure to Verkle Trees and 256 adjacent slots can be warmed at once.
E.g in AssetSwapPath.sol:

/// @notice ERC7201 storage location.

bytes32 internal constant ASSET_SWAP_STRATEGY_LOCATION =

keccak256(abi.encode(uint256(keccak256("fi.zaros.market-making.AssetSwapPath")) - 1));

Impact

There can be storage slot issues when Ethereum hard forks, causing the protocol to have potential storage collision due to upgrades.

Tools Used

Recommendations

Include the & ~0xfffor all contracts implemented in leaves directory.

Updates

Lead Judging Commences

inallhonesty Lead Judge 5 months ago

Submission Judgement Published

Validated

Assigned finding tags:

ERC7201 implemented incorrectly

Prize pool breakdown

Total prize

70,000 USDC

nSLOC

3,258

21 USDC / LOC

High Medium

66,500

Low

3,500

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.