In L2EthToken.sol we have transferFromTo(). It is possible for a malicious or hacked admin to steal the ETH.
As can be seen from the code snippet below, nothing can stop a malicious or hacked admin from stealing all ETH. He can use address _from and send the ETH to address _to.
I see from the NatSpec that the function can be called only by trusted system contracts, but for greater safety it is good to add a timelock mechanism.
```solidity
function transferFromTo(address _from, address _to, uint256 _amount) external override {
    require(
        msg.sender == MSG_VALUE_SYSTEM_CONTRACT ||
            msg.sender == address(DEPLOYER_SYSTEM_CONTRACT) ||
            msg.sender == BOOTLOADER_FORMAL_ADDRESS,
        "Only system contracts with special access can call this method"
    );
    uint256 fromBalance = balance[_from];
    require(fromBalance >= _amount, "Transfer amount exceeds balance");
    unchecked {
        balance[_from] = fromBalance - _amount;
        // Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
        // decrementing then incrementing.
        balance[_to] += _amount;
    }
    emit Transfer(_from, _to, _amount);
}
```
Manual Review
For greater certainty, it is good to add a timelock mechanism.
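As an added illustration of what such a timelock could look like (this is not the project's code and not from the issue author): a hypothetical contract that keeps the same three-caller access check but splits the transfer into a queue step and an execute step separated by a delay. The contract name, DELAY, the event names and the constructor-supplied addresses are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
// Hypothetical sketch, not zkSync Era's L2EthToken: transferFromTo() split into
// a queue step and an execute step separated by DELAY, so a pending transfer
// is visible on-chain (TransferQueued) before it can move any ETH.
contract TimelockedEthTransfer {
    uint256 public constant DELAY = 1 days; // assumed delay length
    mapping(address => uint256) public balance;
    mapping(bytes32 => uint256) public queuedAt; // transfer id => time queued
    uint256 public nonce;
    // Assumed: the same three privileged callers as the original check.
    address public immutable msgValueSystemContract;
    address public immutable deployerSystemContract;
    address public immutable bootloaderFormalAddress;
    event TransferQueued(bytes32 indexed id, address from, address to, uint256 amount, uint256 nonce, uint256 executableAt);
    event Transfer(address indexed from, address indexed to, uint256 amount);
    constructor(address _msgValue, address _deployer, address _bootloader) {
        msgValueSystemContract = _msgValue;
        deployerSystemContract = _deployer;
        bootloaderFormalAddress = _bootloader;
    }
    modifier onlySystem() {
        require(
            msg.sender == msgValueSystemContract || msg.sender == deployerSystemContract ||
                msg.sender == bootloaderFormalAddress,
            "Only system contracts with special access can call this method"
        );
        _;
    }
    // Step 1: record the intended transfer; balances are untouched until the delay passes.
    function queueTransfer(address _from, address _to, uint256 _amount) external onlySystem returns (bytes32 id) {
        require(balance[_from] >= _amount, "Transfer amount exceeds balance");
        id = keccak256(abi.encode(_from, _to, _amount, nonce));
        queuedAt[id] = block.timestamp;
        emit TransferQueued(id, _from, _to, _amount, nonce++, block.timestamp + DELAY);
    }
    // Step 2: settle a queued transfer once, only after DELAY has elapsed.
    function executeTransfer(address _from, address _to, uint256 _amount, uint256 _nonce) external onlySystem {
        bytes32 id = keccak256(abi.encode(_from, _to, _amount, _nonce));
        uint256 t = queuedAt[id];
        require(t != 0 && block.timestamp >= t + DELAY, "Timelock not expired or not queued");
        delete queuedAt[id]; // the same queued transfer cannot be executed twice
        uint256 fromBalance = balance[_from];
        require(fromBalance >= _amount, "Transfer amount exceeds balance");
        balance[_from] = fromBalance - _amount;
        balance[_to] += _amount;
        emit Transfer(_from, _to, _amount);
    }
}
```

The TransferQueued event is the monitoring hook: an off-chain watcher can alert on any queued transfer during the delay window.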