CVE-2023-46232 in era-compiler-vype
Summary
by MITRE • 10/26/2023
era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The problem arises when there is a String or Array with more 256-bit words allocated than initialized. It results in the second word’s index unset, that is effectively set to 0, so the first immutable value with the actual 0 index is overwritten in the ImmutableSimulator. Version 1.3.10 fixes this issue by setting all indexes in advance. The problem will go away, but it will get more expensive if the user allocates a lot of uninitialized space, e.g. `String[4096]`. Upgrading and redeploying affected contracts is the only way of working around the issue.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 11/18/2023
The vulnerability CVE-2023-46232 affects the era-compiler-vyper compiler used in zkSync Era, a layer 2 Ethereum scaling solution that employs zero-knowledge proofs for transaction processing. This issue specifically targets Vyper smart contracts compiled with versions prior to 1.3.10, creating a critical flaw in the handling of immutable variables within contract deployment. The vulnerability stems from improper initialization of immutable storage variables when dealing with String or Array types that exceed 256-bit word allocation limits, fundamentally compromising the integrity of contract state management. The flaw manifests when contracts contain data structures where more storage space is allocated than actually initialized, creating a cascade of storage corruption that directly impacts the first immutable variable's proper initialization.
The technical root cause of this vulnerability lies in the ImmutableSimulator's handling of storage indexing during contract compilation and deployment. When a String or Array type exceeds the standard 256-bit word boundaries, the compiler fails to properly set all storage indices in advance, resulting in the second word's index remaining unset and effectively defaulting to zero. This zero index assignment causes the first immutable variable to be overwritten with the value intended for the second position, creating a systematic corruption of contract storage. The flaw specifically impacts the storage simulator's logic for managing immutable variables, where the uninitialized storage slots are not properly accounted for in the indexing scheme. This issue maps directly to CWE-129, which addresses improper validation of array indices, and CWE-128, which covers buffer under-read conditions. The vulnerability demonstrates characteristics consistent with ATT&CK technique T1059.006, where improper input handling leads to unexpected behavior in smart contract execution environments.
The operational impact of this vulnerability extends beyond simple data corruption, creating significant risks for contract deployments and potentially affecting the entire zkSync Era ecosystem. When contracts with large uninitialized arrays or strings are deployed, the storage corruption can lead to unpredictable contract behavior, incorrect state management, and potential financial losses for users interacting with affected contracts. The vulnerability becomes particularly problematic when users allocate substantial uninitialized space such as `String[4096]` as mentioned in the advisory, since the computational overhead increases dramatically while the risk of storage corruption grows proportionally. This issue directly affects the reliability of zkSync Era's smart contract infrastructure and creates trust concerns among developers and users who rely on the platform's security guarantees. The problem essentially renders certain contract deployments unreliable and potentially exploitable, as the overwritten immutable values could contain critical contract parameters or security-related data.
The remediation for CVE-2023-46232 requires immediate upgrading to version 1.3.10 or later of the era-compiler-vyper compiler, followed by complete redeployment of all affected contracts. This approach addresses the core issue by ensuring that all storage indices are properly initialized in advance before any immutable variable assignment occurs. The fix implemented in version 1.3.10 prevents the cascading storage corruption by pre-setting all memory indices, thereby eliminating the scenario where the second word's index remains unset. Organizations using zkSync Era must conduct comprehensive audits of their deployed contracts to identify those using vulnerable compiler versions, particularly focusing on contracts that utilize large uninitialized arrays or strings. The mitigation strategy also requires careful consideration of the increased computational costs associated with pre-initializing storage space, as the upgrade may result in higher gas consumption for contract deployments. Additionally, developers should implement thorough testing procedures to validate that their contracts properly handle various data structure configurations, especially when dealing with boundary conditions that trigger the original vulnerability. The solution represents a fundamental architectural improvement to the compiler's storage management logic and aligns with best practices for secure smart contract development in Ethereum layer 2 environments.