Omniscia Mitosis Audit
ArbitrumBridgeAdapter Static Analysis Findings
ArbitrumBridgeAdapter Static Analysis Findings
ABA-01S: Inexistent Event Emissions
Type | Severity | Location |
---|---|---|
Language Specific | ArbitrumBridgeAdapter.sol:L25-L27, L29-L31 |
Description:
The linked functions adjust sensitive contract variables yet do not emit an event for it.
Example:
25function setMaxGas(uint32 _maxGas) external onlyOwner {26 maxGas = _maxGas;27}
Recommendation:
We advise an event
to be declared and correspondingly emitted for each function to ensure off-chain processes can properly react to this system adjustment.
Alleviation (58e8cc66dfa900c03c47df78f5170d9960005629):
The ATMSet
, GasSet
, and BridgeSet
events were introduced to the codebase and are correspondingly emitted in the ArbitrumBridgeAdapter::_setATM
, ArbitrumBridgeAdapter::_setGas
, and ArbitrumBridgeAdapter::_setBridge
functions respectively, addressing this exhibit in full.
ABA-02S: Inexistent Sanitization of Input Address
Type | Severity | Location |
---|---|---|
Input Sanitization | ArbitrumBridgeAdapter.sol:L17-L23 |
Description:
The linked function accepts an address
argument yet does not properly sanitize it.
Impact:
The presence of zero-value addresses, especially in constructor
implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of off-chain software related bugs.
Example:
17constructor(IArbitrumGateway _bridge, uint32 _maxGas, uint32 _gasPriceBid) Ownable() {18 bridge = _bridge;19
20 maxGas = _maxGas; // 13000021
22 gasPriceBid = _gasPriceBid; // 30000000023}
Recommendation:
We advise some basic sanitization to be put in place by ensuring that the address
specified is non-zero.
Alleviation (58e8cc66dfa900c03c47df78f5170d9960005629):
All input argument(s) of the ArbitrumBridgeAdapter::_setATM
, and ArbitrumBridgeAdapter::_setBridge
functions are adequately sanitized as non-zero in the latest in-scope revision of the codebase, addressing this exhibit.
ABA-03S: Potential Lock of Native Assets
Type | Severity | Location |
---|---|---|
Language Specific | ArbitrumBridgeAdapter.sol:L48 |
Description:
The linked receive
/ fallback
function performs no sanitization as to its caller and no function within the contract expects funds to have been received directly by the contract.
Impact:
Any native funds accidentally sent to the contract may be forever locked.
Example:
48receive() external payable {}
Recommendation:
We advise the code to properly prohibit accidental native assets from being permanently locked in the contract by introducing a require
check restricting the msg.sender
to the contract(s) expected to transfer assets to the system (i.e. in case of a wrapped native version of an asset, only the WXXX
contract address should be allowed). Alternatively, if the contract is not expected to receive native assets directly the function should be removed in its entirety.
Alleviation (58e8cc66dfa900c03c47df78f5170d9960005629):
The ArbitrumBridgeAdapter::receive
function was updated to solely receive native funds from the designated atm
entry, preventing accidental lock of funds to the contract and thus alleviating this exhibit.