speedy78214 - Improper initialization of L1StandardBridge will disable bridging ETH until at least one other asset is bridged #76

Open
sherlock-admin3 opened this issue Sep 25, 2024 · 0 comments

sherlock-admin3 commented Sep 25, 2024

speedy78214

Medium

Improper initialization of L1StandardBridge will disable bridging ETH until at least one other asset is bridged

Summary

Improper initialization of L1StandardBridge will result in failure of bridging ETH, as messenger is not properly instantiated.

Root Cause

Internal pre-conditions

  • It will fail when other assets are not bridged via L1StandardBridge

External pre-conditions

No response

Attack Path

  1. L1StandardBridge is deployed and instantiated
  2. EOAs transfer ETH to bridge via L1StandardBridge.
  3. It will fail until another EOA bridges a non-ETH asset using L1StandardBridge.

Impact

The users will not be able to bridge ETH until other assets are not bridged

PoC

Add the following test case to tokamak-thanos/packages/tokamak/contracts-bedrock/test/L1/L1StandardBridge.t.sol:L1StandardBridge_Receive_Test.

function test_deposit_eth_after_constructor() external virtual {
    L1StandardBridge impl = L1StandardBridge(deploy.mustGetAddress("L1StandardBridge"));
    (address alice, ) = makeAddrAndKey("alice");
    vm.deal(alice, 1 ether);
    vm.startPrank(alice);
    (bool success,) = address(impl).call{ value: 0.1 ether }(hex"");
    assertEq(success, true);
    vm.stopPrank();
}

Mitigation

Inside L1StandardBridge.sol:_initiateBridgeETH, L1CrossDomainMessenger(address(messenger)).sendMessage should be used instead of messenger.sendMessage

function _initiateBridgeETH(
        address _from,
        address _to,
        uint256 _amount,
        uint32 _minGasLimit,
        bytes memory _extraData
)
        internal
        override
{
...
- messenger.sendMessage(
+  L1CrossDomainMessenger(address(messenger)).sendMessage(
}
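
Review bot: at the `sendMessage` call site, `L1CrossDomainMessenger(address(messenger))` only casts the address already stored in `messenger`, so the call still targets whatever that variable holds. If `messenger` is not set when ETH is bridged, as the Summary says, this line alone does not set it. The Root Cause section of the report is empty and the call arguments are elided in this snippet, so please state which `sendMessage` signature the cast selects and why the uncast call fails, and consider asserting in the PoC that `messenger` is non-zero on the deployed bridge before the ETH transfer.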

sherlock-admin4 changed the title from "Joyous Steel Wren - Improper initialization of L1StandardBridge will disable bridging ETH until at least one other asset is bridged" to "speedy78214 - Improper initialization of L1StandardBridge will disable bridging ETH until at least one other asset is bridged" on Oct 12, 2024