4 matches found
Lack of reentrancy protection in L1ERC721Bridge.sol
Lines of code Vulnerability details Summary Calling IERC721.transferFrom in the L1ERC721Bridge.initiateBridgeERC721 after writing the deposit makes a reentrancy attack possible if there is a callback before transfer in the localToken contract we will name such a contract ERC721Callback...
Attacker can steal CrossDomainMessenger and OptimismPortal token balances or tokens of anyone give approval for those contracts
Lines of code Vulnerability details Impact Contracts CrossDomainMessenger and OptimismPortal are part of the bridge protocol and they are responsible for sending messages between two network. they both call arbitrary address with arbitrary data that user specified and it would give attacker to...
Pausing Optimism Portal only pauses withdrawals, can result in locked or lost funds
Lines of code Vulnerability details The comment over OptimismPortal.pause indicates pause should affect both deposits and withdrawls. Currently, only finalizeWithdrawalTransaction and proveWithdrawlTransaction implement the whenNotPaused modifier. Both depositTransaction and donateETH do not...
Aliasing L1 sender on L2
Lines of code Vulnerability details Impact If a contract on L1 has the same address as a contract on L2 but doesn't have the same code, we will have a critical issue, as funds will be lost. Proof of Concept Both Optimism and Arbitrum implements applyL1ToL2Alias / undoL1ToL2Alias logic to prevent ...