Token-0x

First Flight #54
Beginner Friendly, DeFi
100 EXP
Submission Details
Severity: high
Valid

Yul block contains return

Root + Impact

Description

  • Describe the normal behavior in one or more sentences

  • The function uses inline assembly to:

    1. Load the storage slot of _totalSupply

    2. Read the value via sload

    3. Store it in memory at offset 0x00

    4. Return 32 bytes from memory using return(0x00, 0x20)

  • This is equivalent to a Solidity return statement but optimized for gas


  • Explain the specific issue or problem in one or more sentences

  • Although the implementation here might be low risk, the general use of assembly with return introduces unnecessary complexity, and exposure to some compiler optimizations can lead to subtle bugs


function totalSupply_() internal view returns (uint256) {
    assembly {
        let slot := _totalSupply.slot
        let supply := sload(slot)
        mstore(0x00, supply)
@>      return(0x00, 0x20)
    }
}

Risk

Likelihood: low

  • Reason 1 // Describe WHEN this will occur (avoid using "if" statements)

  • Reason 2 //the yul block does not contain a return statement, which directly invokes the RETURN opcode.

Impact: low

  • Impact 1 // Assembly bypasses Solidity safety checks, which makes the code prone to errors

  • Impact 2 // Triggers optimizer bugs or layout issues.

Proof of Concept

In high context, adding conditions increases exploit surface area, especially in proxies and libraries where storage is not structured.

assembly {
    let slot := _totalSupply.slot
    let supply := sload(slot)
    // conditional early exit through the RETURN opcode
    if iszero(supply) { return(0x00, 0x20) }
    // storage write on the non-zero path
    sstore(slot, add(supply, 1))
    mstore(0x00, supply)
    return(0x00, 0x20)
}

Recommended Mitigation

Rewrite without assembly for clarity and safety (slight gas increase):

function totalSupply_() internal view returns (uint256) {
    return _totalSupply;
}
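
Why the RETURN opcode matters once an internal function such as totalSupply_() is called from another function, shown as an added example that is not part of the original submission or the audited code base. The contract name, the sample value, totalSupplySafe_ and the two supplyPlusOne functions are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration. Only totalSupply_ and _totalSupply come from the finding;
// every other name here is hypothetical.
contract YulReturnDemo {
    uint256 internal _totalSupply = 1000; // constructed sample value

    // Pattern from the finding: Yul return() executes the RETURN opcode,
    // which ends the whole external call, not just this internal function.
    function totalSupply_() internal view returns (uint256) {
        assembly {
            let supply := sload(_totalSupply.slot)
            mstore(0x00, supply)
            return(0x00, 0x20)
        }
    }

    // Same storage read, but the value is assigned to the named return
    // variable, so control goes back to the caller as usual.
    function totalSupplySafe_() internal view returns (uint256 supply) {
        assembly {
            supply := sload(_totalSupply.slot)
        }
    }

    // The "+ 1" is never executed: the call has already ended inside
    // totalSupply_(), and the caller receives the raw supply.
    function supplyPlusOneBroken() external view returns (uint256) {
        return totalSupply_() + 1;
    }

    // Here the addition runs, because totalSupplySafe_() hands control back.
    function supplyPlusOneFixed() external view returns (uint256) {
        return totalSupplySafe_() + 1;
    }
}
```

Calling both external functions on a local test deployment and comparing the results shows the difference; any checks or state updates a caller places after totalSupply_() are skipped in the same way.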
Updates

Lead Judging Commences

gaurangbrdv Lead Judge 19 days ago
Submission Judgement Published
Invalidated
Reason: Lack of quality

Appeal created

gaurangbrdv Lead Judge 14 days ago
Submission Judgement Published
Validated
Assigned finding tags:

opcode disaster

the vulnerabilities related to incorrect opcode used
