Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(contracts): bug fixing based on openzeppelin's audit #558

Merged
merged 8 commits into from Jun 15, 2023
Merged

fix(contracts): bug fixing based on openzeppelin's audit #558

merged 8 commits into from Jun 15, 2023

Conversation

zimpha
Copy link
Member

@zimpha zimpha commented Jun 12, 2023
edited

Purpose or design rationale of this PR

This PR fix bugs found in openzeppelin's audit

  • use 0x80 to encode rlp(0)
    • The geth use 0x80 to encode 0 in a special way. (0 can be encoded both as 0x00 and 0x80)
  • remove withdrawRoot from importGenesisBatch
    • We keep this for unit testing before. The PR use another method to handle unit testing and thus remove this parameter.
  • remove isL1MessageRelayed
    • This variable is not used anymore in our new design. We forget to remove this variable before auditing.
  • fix storage slot in L2ScrollMessenger
    • Some variables are removed in ScrollMessengerBase, the slot used in verifyMessageExecutionStatus and verifyMessageInclusionStatus should be fixed.
  • use call in WETH9.withdraw
    • The copied WETH9 code uses transfer to withdraw ETH, which may run out of gas in some cases.

PR title

Your PR title must follow conventional commits (as we are doing squash merge for each PR), so it must start with one of the following types:

  • build: Changes that affect the build system or external dependencies (example scopes: yarn, eslint, typescript)
  • ci: Changes to our CI configuration files and scripts (example scopes: vercel, github, cypress)
  • docs: Documentation-only changes
  • feat: A new feature
  • fix: A bug fix
  • perf: A code change that improves performance
  • refactor: A code change that doesn't fix a bug, or add a feature, or improves performance
  • style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)
  • test: Adding missing tests or correcting existing tests

Deployment tag versioning

Has tag in common/version.go been updated?

  • No, this PR doesn't involve a new deployment, git tag, docker image tag
  • Yes

Breaking change label

Does this PR have the breaking-change label?

  • No, this PR is not a breaking change
  • Yes

@zimpha zimpha requested review from maxwolff, Thegaram, iczc and HAOYUatHZ and removed request for maxwolff June 12, 2023 05:39
@zimpha
Copy link
Member Author

zimpha commented Jun 12, 2023

@maxwolff Could you help to add more cases in l2geth like integer value in [0, 1, 127, 128, uint256.max], bytes with length 1 and values from [0, 1, 127, 128].

@github-actions
Copy link

github-actions bot commented Jun 12, 2023
edited

LCOV of commit d53a334 during Contracts #864

Summary coverage rate:
  lines......: 46.9% (744 of 1588 lines)
  functions..: 57.8% (155 of 268 functions)
  branches...: no data found

Files changed coverage rate: n/a

@HAOYUatHZ HAOYUatHZ merged commit 16e0cbf into develop Jun 15, 2023
9 checks passed
@HAOYUatHZ HAOYUatHZ deleted the bugfix/contract_audit_fixing branch June 15, 2023 09:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Thegaram Thegaram Thegaram approved these changes

@iczc iczc iczc approved these changes

@maxwolff maxwolff Awaiting requested review from maxwolff

@HAOYUatHZ HAOYUatHZ Awaiting requested review from HAOYUatHZ

Assignees
No one assigned
Labels
breaking-change
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@zimpha @Thegaram @iczc @HAOYUatHZ