CVE-2024-34704

era-compiler-solidity is the ZKsync compiler for Solidity. The problem occurred during instruction selection in the DAGCombine phase while visiting the XOR operation. The issue arises when attempting to fold the expression !x cc y into x !cc y. To perform this transformation, the second operand o...

IDOL: Improved Different Optimization Levels Testing for Solidity Compilers

As blockchain technology continues to evolve and mature, smart contracts have become a key driving force behind the digitization and automation of transactions. Smart contracts greatly simplify and refine the traditional business transaction processes, and thus have had a profound impact on vario...

CVE-2024-45056

zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold xor shl 1, x, -1 to rotl 1, x if run with optimizations enabled. Here 1 is generated as an unsigned 64 bits number 2^64-1. This number is zero-extended to 256 bits on EraVM target while it should have been sign-extended...

CVE-2024-45056

The CVE-2024-45056 entry describes a misoptimization in zksolc (Matter Labs’ Solidity compiler for ZKsync) where LLVM optimization folds (xor (shl 1, x), -1) into (rotl ~1, x). Here ~1 is generated as unsigned 64-bit (2^64-1) and is zero-extended to 256 bits on EraVM, when it should have been sig...

CVE-2024-45056 `fold (xor (shl 1, x), -1) -> (rotl ~1, x)` misoptimization in zksolc

zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold xor shl 1, x, -1 to rotl 1, x if run with optimizations enabled. Here 1 is generated as an unsigned 64 bits number 2^64-1. This number is zero-extended to 256 bits on EraVM target while it should have been sign-extended...

CVE-2024-45056 `fold (xor (shl 1, x), -1) -> (rotl ~1, x)` misoptimization in zksolc

zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold xor shl 1, x, -1 to rotl 1, x if run with optimizations enabled. Here 1 is generated as an unsigned 64 bits number 2^64-1. This number is zero-extended to 256 bits on EraVM target while it should have been sign-extended...

CVE-2024-45056 `fold (xor (shl 1, x), -1) -> (rotl ~1, x)` misoptimization in zksolc

zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold xor shl 1, x, -1 to rotl 1, x if run with optimizations enabled. Here 1 is generated as an unsigned 64 bits number 2^64-1. This number is zero-extended to 256 bits on EraVM target while it should have been sign-extended...

Unrestricted Unwrap Fee Changes: Instability, Market Disruption, and Loss of Trust

Lines of code Vulnerability details Impact The current changeUnwrapFee function in the Ocean smart contract allows the owner to change the unwrap fee divisor with no restrictions, leading to several negative impacts: 1. Unstable Unwrap Fees: Frequent changes in the divisor can cause instability a...

Project may fail to be deployed to chains not compatible with Shanghai hardfork

Lines of code Vulnerability details Project may fail to be deployed to chains not compatible with Shanghai hardfork Current settings may produce incompatible bytecode with some of the chains supported by the protocol. Impact The Ambire wallet supports and targets different chains, such as Ethereu...

Incorrect Encoding of Order Hashes

Lines of code Vulnerability details Impact The order hashes are incorrectly encoded during the encodeOrderHashes mechanism, causing functions such as encodeRatifyOrder and encodeValidateOrder to misbehave. Proof of Concept The order hashes encoding mechanism appears to be incorrect as the...

Compilation Error: Undefined function 'shiftl_toFix' in CTokenFiatCollateral Contract

Lines of code Vulnerability details Impact return shiftltoFixrate, shiftLeft; It should be noted that the function "shiftltoFix" is not defined in the contract and not imported from any library, this means that the compiler will throw an error when trying to deploy the contract and this function...

Solidity 安全漏洞

Solidity is a high-level programming language. A security vulnerability exists in Ethereum Solidity version v0.8.14, which originates from running an example via solc and triggering an internal compiler error...

Possibility to drain TwabRewards smart contract tokens (even with valid ticket)

Handle kemmio Vulnerability details Impact Possibility to drain all smart contract assets abusing uint256 overflow in updateClaimedEpoch Proof of Concept The vulnerability arises because of uint256 overflow in updateClaimedEpoch return userClaimedEpochs | uint2561 The attacker needs to have in...