Comments (10)
We cannot revert on the side of L2 since this has an immediate loss of data effect. That's why we do the call instead of a regular high level interface call. Hence, for us there is no difference if the verification function has failed due to the lack of gas or not.
Since cross-chain bridging interaction depends on off-chain computation for some networks, we have to accept that even without attacks there could be scenarios of wrongly supplied bridging parameters (if things are done outside of our SDK usage).
However, there is a `processDataMaintenance()` function that is DAO-governed and can re-initiate lost or incorrectly interrupted `_processData()` function calls. There is no 100% solution in such a sensitive cross-chain domain. Thus, the `processDataMaintenance()` works as a stable arbitrage solution.
from 2024-05-olas-findings.
kupermind (sponsor) disputed
Hey @kupermind
A few questions:
> We cannot revert on the side of L2 since this has an immediate loss of data effect. That's why we do the call instead of a regular high level interface call. Hence, for us there is no difference if the verification function has failed due to the lack of gas or not.

- In case it reverts due to out of gas error, can't you just save the data to be retried later?
- In case that `verifyInstanceAndGetEmissionsAmount()` indeed requires that amount of gas, are you ok with a situation where (almost) every message is being DoS-ed like this and requires manual intervention?
- I'm trying to assess how likely is `verifyInstanceAndGetEmissionsAmount()` to consume so much gas (more than 882K gas units), do you have any input regarding that?
- Correct, and we can use DAO-controlled `processDataMaintenance()` function.
- We don't expect this to happen just because of point 1. What is the point if your inflation is not going to be re-distributed between other parties anyway, and is under full control of the DAO if the delivery fails to re-deliver it.
- For now it's 65k gas at most, and following recommendations in a couple of issues we'll add a check for two more variables, making it to the total of maximum of 100k gas for the verification function.
We have done tests such that there is no excessive gas spending on L1 side. This turned out to have at most 11 staking contracts sent from L1 to L2. This is a relatively small amount of contracts to perform checks on, and we always have enough gas on L2.
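The exchange above turns on what happens when the verification call fails for lack of gas, and whether the payload can be kept for a retry. As an added example (not code from the Olas repository or from any participant in this thread), the Solidity below shows one way to keep the payload without reverting; the contract, its function names, the `verify` interface and the permissionless `retry` are assumptions, and `VERIFY_GAS` takes the 100k ceiling mentioned above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example. Contract, function and constant names are hypothetical.
interface IVerifier {
    function verify(address target) external view returns (uint256 amount);
}

contract L2ReceiverExample {
    uint256 public constant VERIFY_GAS = 100_000; // ceiling quoted in the thread
    IVerifier public immutable verifier;
    address public immutable bridge; // assumed: only the bridge endpoint delivers messages
    mapping(bytes32 => bool) public queued; // payloads awaiting a retry

    event Processed(address indexed target, uint256 amount);
    event Queued(bytes32 indexed id, bool gasStarved);

    constructor(IVerifier v, address b) { verifier = v; bridge = b; }

    function receiveMessage(address target, uint256 nonce) external {
        require(msg.sender == bridge, "not bridge");
        _process(target, nonce);
    }

    // Assumed design: anyone may retry, because the payload is verified again.
    function retry(address target, uint256 nonce) external {
        bytes32 id = keccak256(abi.encode(target, nonce));
        require(queued[id], "not queued");
        delete queued[id];
        _process(target, nonce);
    }

    function _process(address target, uint256 nonce) internal {
        // EIP-150: a call receives at most 63/64 of the remaining gas, so the
        // callee is only guaranteed VERIFY_GAS if roughly this much is left now.
        bool enoughGas = gasleft() >= (VERIFY_GAS * 64) / 63 + 1;
        (bool ok, bytes memory ret) = address(verifier).staticcall{gas: VERIFY_GAS}(
            abi.encodeCall(IVerifier.verify, (target))
        );
        if (ok && ret.length == 32) {
            emit Processed(target, abi.decode(ret, (uint256)));
            return;
        }
        // Never revert here: keep the payload and record whether gas was the likely cause.
        bytes32 id = keccak256(abi.encode(target, nonce));
        queued[id] = true;
        emit Queued(id, !enoughGas);
    }
}
```

The failure path still needs enough gas in the outer frame for one storage write and one event; a transaction supplied with less than that reverts as a whole, which is the case the DAO-governed maintenance path in the thread remains for.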
Got it, given that the likelihood of the function requiring so much gas and the impact not being very high, I'm marking this as low
0xA5DF changed the severity to QA (Quality Assurance)
+1 low from #50
+1 low from #67
0xA5DF marked the issue as grade-b
0xA5DF marked the issue as grade-a
For awarding purposes, C4 staff have marked as 3rd place.