Skip to content
This repository has been archived by the owner on May 26, 2023. It is now read-only.

cmichel - Spec: Wrong L2OutputOracle interface #91

Open
github-actions bot opened this issue Feb 20, 2023 · 0 comments
Open

cmichel - Spec: Wrong L2OutputOracle interface #91

github-actions bot opened this issue Feb 20, 2023 · 0 comments
Labels
Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Reward A payout will be made for this issue Specification An issue related to the specification (low severity)

Comments

@github-actions
Copy link

cmichel

low

Spec: Wrong L2OutputOracle interface

Summary

Wrong L2OutputOracle interface in the specs.

Vulnerability Detail

The proposals.md specification file shows a wrong L2OutputOracle interface:

  • function getNextBlockNumber() public view returns (uint256) does not exist. It should be function nextBlockNumber() public view returns (uint256)
/**
 * @notice The number of the first L2 block recorded in this contract.
 */
uint256 public startingBlockNumber;

/**
 * @notice The timestamp of the first L2 block recorded in this contract.
 */
uint256 public startingTimestamp;

/**
 * @notice Accepts an L2 outputRoot and the timestamp of the corresponding L2 block. The
 * timestamp must be equal to the current value returned by `nextTimestamp()` in order to be
 * accepted.
 * This function may only be called by the Proposer.
 *
 * @param _l2Output      The L2 output of the checkpoint block.
 * @param _l2BlockNumber The L2 block number that resulted in _l2Output.
 * @param _l1Blockhash   A block hash which must be included in the current chain.
 * @param _l1BlockNumber The block number with the specified block hash.
*/
  function proposeL2Output(
      bytes32 _l2Output,
      uint256 _l2BlockNumber,
      bytes32 _l1Blockhash,
      uint256 _l1BlockNumber
  )

/**
 * @notice Deletes all output proposals after and including the proposal that corresponds to
 *         the given output index. Only the challenger address can delete outputs.
 *
 * @param _l2OutputIndex Index of the first L2 output to be deleted. All outputs after this
 *                       output will also be deleted.
 */
function deleteL2Outputs(uint256 _l2OutputIndex) external

/**
 * @notice Computes the block number of the next L2 block that needs to be checkpointed.
 */
 // @audit is called `function nextBlockNumber() public view returns (uint256)`
function getNextBlockNumber() public view returns (uint256)

Impact

Users usually go to the docs & specification to see how to integrate a project. Integrating Optimisim's L2OutputOracle based on the specification will lead to errors.

Code Snippet

https://github.com/ethereum-optimism/optimism/blob/3f4b3c328153a8aa03611158b6984d624b17c1d9/specs/proposals.md?plain=1#L142

Tool used

Manual Review

Recommendation

Use the correct interface by fixing the mentioned issues.
@github-actions github-actions bot added Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Specification An issue related to the specification (low severity) labels Feb 20, 2023
@github-actions github-actions bot mentioned this issue Feb 20, 2023
Closed
@sherlock-admin sherlock-admin added the Reward A payout will be made for this issue label Feb 21, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Reward A payout will be made for this issue Specification An issue related to the specification (low severity)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin