QA Report

[code423n4]

• Low
  • 1. Very Outdated packages
  • 2. Outdated compiler
  • 3. Lack of ACK during owner change
  • 4. Lack of check
  • 5. Ether could be blocked
  • 6. Use encode instead of encodePacked for hashig
  • 7. Logic mismatch in ERC1155Fuse
  • 8. now alias should be avoided
• Non-Critical or OutOfScope
  • 9. Open TODO
  • 10. [OutOfScope] Use abstract for base contracts
  • 11. [OutOfScope] Lack of auth

Low

1. Very Outdated packages

Some used packages are out of date, it is good practice to use the latest version of these packages:

"@ensdomains/buffer": "^0.0.13" => 0.1.0
"@openzeppelin/contracts": "^4.1.0" => 4.7.0

2. Outdated compiler

The pragma version used is:

pragma solidity ^0.8.4;
pragma solidity ^0.8.13;

But recently solidity released a new version with important Bugfixes:

• The first one is related to ABI-encoding nested arrays directly from calldata. You can find more information here.

• The second bug is triggered in certain inheritance structures and can cause a memory pointer to be interpreted as a calldata pointer or vice-versa. We also have a dedicated blog post about this bug.

Apart from these, there are several minor bug fixes and improvements.

The minimum required version should be 0.8.15

3. Lack of ACK during owner change

It's possible to lose the ownership under specific circumstances.

Because an human error it's possible to set a new invalid owner. When you want to change the owner's address it's better to propose a new owner, and then accept this ownership with the new wallet.

Affected source code:

• Ownable.sol#L18
• Owned.sol#L19
• ENSRegistryWithFallback.sol#L59

4. Lack of check

The following lines requires a valid address as an argument, in some of them, once the value is set, it cannot be changed again, so it is mandatory to check if these values are as expected.

Affected source code for address(0):

• PublicResolver.sol#L55-L58
• ENSRegistryWithFallback.sol#L16
• ETHRegistrarController.sol#L50-L55
• FIFSRegistrar.sol#L24
• TestRegistrar.sol#L22
• ReverseRegistrar.sol#L29
• NameWrapper.sol#L54-L56

5. Ether could be blocked

The user's ether could be locked and unrecoverable.

Because to transfer ether the .transfer method (which is capped at 2300 gas) is used instead of .call which is limited to the gas provided by the user. If a contract that has a fallback method more expensive than 2300 gas, creates an offer, it will be impossible for this contract cancel the offer or receive funds back to that address.

Reference:

• transfer -> The receiving smart contract should have a fallback function defined or else the transfer call will throw an error. There is a gas limit of 2300 gas, which is enough to complete the transfer operation. It is hardcoded to prevent reentrancy attacks.
• send -> It works in a similar way as to transfer call and has a gas limit of 2300 gas as well. It returns the status as a boolean.
• call -> It is the recommended way of sending ETH to a smart contract. The empty argument triggers the fallback function of the receiving address.

Affected lines:

High impact:

• ETHRegistrarController.sol#L211

Low impact:

• ETHRegistrarController.sol#L183
• ETHRegistrarController.sol#L204

Recommended Mitigation Steps:

• Use .call instead of .transfer.

6. Use encode instead of encodePacked for hashig

Use of abi.encodePacked is safe, but unnecessary and not recommended. abi.encodePacked can result in hash collisions when used with two dynamic arguments (string/bytes).

There is also discussion of removing abi.encodePacked from future versions of Solidity (ethereum/solidity#11593), so using abi.encode now will ensure compatibility in the future.

Affected source code:

• ETHRegistrarController.sol#L255
• FIFSRegistrar.sol#L13
• ReverseRegistrar.sol#L83
• ReverseRegistrar.sol#L151
• ENSRegistry.sol#L75

7. Logic mismatch in ERC1155Fuse

In the contract ERC1155Fuse the methods safeTransferFrom and safeBatchTransferFrom has different logic when the to is the same owner. if the user use safeTransferFrom to transfer a not owned item to the same owner, nothing will happend, and no-revert will ocurr, but if you use safeBatchTransferFrom a revert will happend.

In the ERC1155Fuse contract, the safeTransferFrom and safeBatchTransferFrom methods have different logic when the destination (to) is the owner. if the user uses safeTransferFrom to transfer an item that they don't own to the same owner, nothing will happen and it won't be reverted, but if they use safeBatchTransferFrom, it will be reverted.

Affected source code:

• ERC1155Fuse.sol#L282
• ERC1155Fuse.sol#L216

8. now alias should be avoided

There is an argument named now, this is an alias that could work in a different way with different versions of solidity because it's a reserved word. As the documentation said is not critical, but should be avoided.

In version 0.7.0, the alias now (for block.timestamp) was removed.

Reference:

• https://docs.soliditylang.org/en/latest/units-and-global-variables.html?highlight=now#block-and-transaction-properties

Affected source code:

• DNSSECImpl.sol#L91-L94
• DNSSECImpl.sol#L110-L133

Non-Critical or OutOfScope

9. Open TODO

The code that contains "open todos" reflects that the development is not finished and that the code can change a posteriori, prior release, with or without audit.

Affected source code:

• DNSSECImpl.sol#L238

10. [OutOfScope] Use abstract for base contracts

Abstract contracts are contracts that have at least one function without its implementation. An instance of an abstract cannot be created.

Reference:

• https://docs.soliditylang.org/en/v0.6.2/contracts.html#abstract-contracts

Affected source code:

• OwnedResolver.sol#L16
• TestResolver.sol#L6

11. [OutOfScope] Lack of auth

The following methods do not have any authentication and the states can be modified by anyone:

https://github.com/code-423n4/2022-07-ens/blob/ff6e59b9415d0ead7daf31c2ed06e86d9061ae22/contracts/ethregistrar/TestResolver.sol#L21
https://github.com/code-423n4/2022-07-ens/blob/ff6e59b9415d0ead7daf31c2ed06e86d9061ae22/contracts/ethregistrar/DummyOracle.sol#L11
https://github.com/code-423n4/2022-07-ens/blob/ff6e59b9415d0ead7daf31c2ed06e86d9061ae22/contracts/registry/TestRegistrar.sol#L31