New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: [M-01] zkSync limits #328
Conversation
Signed-off-by: Matt Rice <matthewcrice32@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems like the most straightforward implementation of this and I like that the default case doesn't use the proxy. In the case where we do get limited, how would the remedy work.
Would we deploy the proxy and try again? and if we get limited again, then we redeploy yet again? I'm kind of skeptical that the HubPool would ever get limited and we'd subsequently be able to bypass the limit with another address.
It seems like if zksync truly wanted to censor us they could keep updating their limits for our new proxy addresses so the only way around it in that case would be to split the sends up by multiple callers... but if it ever comes to that we probably have bigger problems
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM - there are multiple instances of SolHint issues and I wonder if we should modify the linter config or modify the code to conform to it
// A modified ZKSync_Adapter should be deployed with this address swapped in for all zkSync addresses. | ||
contract LimitBypassProxy is ZkSyncInterface, ZkBridgeLike { | ||
using SafeERC20 for IERC20; | ||
ZkSyncInterface public constant zkSync = ZkSyncInterface(0x32400084C286CF3E17e7B677ea9583e60a000324); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Solhint
is indicating that this should be in uppercase snake case ZKSYNC
. Should we modify the solhint?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@james-a-morris @pxrl Since we generally don't snake case contract interfaces, I removed the solhint warning for now to appease the linter and kept this consistent. If we decide to change in the future, we can revert this config change. But for the audit, I wanted to avoid making any changes outside of the scope.
Signed-off-by: Matt Rice <matthewcrice32@gmail.com>
Agreed, we would basically be deploying a new adapter with a new proxy address over and over. An auto-deploy would be a little better, but would also be more complex, so I wanted to avoid doing something overly complicated for something that is unlikely to be needed. |
This PR adds a proxy contract that could be used to bypass zk sync deposit limits by address. To allow for this proxy to be swapped out, the ETH sending address was separated from the address used to send contract calls, so one could be swapped out without affecting the other.