Linea USDC Market Migration Review

1

Summary

Timeline: From 2025-01-27 To 2025-02-04

Total Issues: 3 (1 resolved)

Critical Severity Issues: 1 (1 resolved)

Low Severity Issues: 2 (0 resolved)

Scope

OpenZeppelin reviewed pull request #114 at commit b8aaf31. This pull request will submit a governance proposal to create a USDC Comet market on the Linea network using the official Comet Migration process.

In scope were the following files:

.github/workflows/enact-migration.yaml
deployments/linea/usdc/migrations/1736257010_configurate_and_ens.ts

System Overview

The Compound V3 deployment on Linea is part of a key initiative aimed at expanding the Compound protocol’s presence within the EVM-compatible blockchain ecosystem. Initially developed in 2023, the deployment was delayed due to evolving circumstances. However, with renewed collaboration between Linea, MetaMask, and MasterCard, the project has regained momentum, necessitating new development to accommodate recent chain upgrades.

The deployment is strategically aligned with Linea’s partnership with MetaMask and MasterCard to introduce a Crypto Debit Card. This card allows users to deposit crypto funds into their debit card accounts and spend them at any merchant accepting MasterCard. The integration of cTokens, such as cUSDCv3, into this ecosystem enables users to maintain an interest-bearing savings account while ensuring liquidity for transactions.

For this initiative to succeed, Compound must be fully deployed and operational on Linea. The focus of OpenZeppelin’s review was pull request #114, which includes the deployed dependencies, the official migration governance proposal, and all the security concerns that may arise during the execution of the proposal. Specifically, we checked that:

  • The correct contracts were deployed on-chain.
  • The simulation workflow created the same proposal as the deployment workflow.
  • The proposal description was accurate and descriptive of its effects.
  • The proposal dependencies were verified as deployed with the correct configurations.
  • The proposal instructions were decoded and verified as complete.
  • The correct oracle price feeds were used.
  • The proposal instructions were simulated and executed successfully without errors.

Trust Assumptions

During the course of this review, the following trust assumptions were made.

Network Release Phase

The Linea network is currently in Phase 1 of its roadmap. As such, the Linea team cautions that, due to the use of novel technology, unforeseen risks may arise. Additionally, users may experience periods of unexpected network degradation.

Decentralization

Currently, only a trusted sequencer is allowed to submit transaction batches and there is no mechanism for users to force the sequencer to include their transactions. This entails that funds would be frozen if the sequencer goes down or decides to censor transactions. Linea’s Prover, which has already been audited, is the only operator that may generate zero-knowledge proofs.

EVM Equivalence

Currently, the Linea protocol implements the London EVM. This means that it does not support Push0, which may raise issues for contracts using a Solidity version greater than 0.8.20. Where the Solidity version is greater than 0.8.20, it is crucial that contracts are compiled with the London EVM as the target version in order to avoid the use of Push0.

Linea’s Governance Transparency

Linea is governed by an eight-seat security council. Each of those seats is currently held by employees at Consensys, the sponsor of the project. Hence, they have administrative power over the smart contracts in the system (its bridges, message service, etc). As a result, these contracts can be changed at any time and for any reason that the council deems justified (with a 75% threshold). This could halt flows across networks, break existing dApps, or even render funds irretrievable.

Withdrawal Censorship

Users can initiate withdrawals from L2 to L1 by submitting a transaction on L2. When the block containing that transaction is proven on L2, the funds can then be withdrawn on L1 by executing a transaction. However, as mentioned before, it is important to note that users cannot force a transaction to be included in L2. Thus, the sequencer could censor any withdrawal requests. It is also important to note that without an escape-hatch mechanism, users cannot be assured that their funds would be recoverable in the case of a general L2 network failure.

Critical Severity

Uninitialized Bridge Receiver

The LineaBridgeReceiver contract is responsible for accepting messages from Compound Governance via the Linea Message Service. By design, the contract will only process messages sent by the mainnet Governor contract via the Timelock. In this context, multiple issues have been identified:

  • The first issue is that the LineaBridgeReceiver contract has not been initialized. Consequently, the proposed sendMessage call will fail to deploy the USDC market on the Linea Network as the LineaBridgeReciever has, in its uninitialized state, no values set for the localTimelock and govTimelock variables.

  • The second issue is that the migration also queues fund transfers of 100000 USDC and 5110 COMP through LineaL1USDCBridge and LineaL1TokenBridge, respectively. These transfers are independent of the calls to LineaBridgeReceiver and should successfully transfer these funds to the Linea USDC Comet Market and the Comet Rewards contract. These funds will be transferred upon proposal execution regardless of whether the cross-chain call to LineaBridgeReceiver contract succeeds.

The above-mentioned issues enable any user to hijack the bridged funds from the USDC Comet Market and Comet Rewards addresses by taking control of the local Timelock contract. An attacker can initialize the LineaBridgeReceiver with the appropriate localTimelock address but adjust the govTimelock parameter to an address that they control on the Ethereum Mainnet. At this stage, the attacker would appear as the Governance Timelock receiving calls through the LineaBridgeReceiver, thereby gaining control over both the Comet Proxy Admin (which allows them to upgrade the USDC Market to any implementation they choose) and the Comet Reward contract.

In light of the above, consider properly initializing the LineaBridgeReceiver contract before submitting the proposal. In addition, for future deployments, consider ensuring that deployment and initialization occur in the same transaction to prevent such scenarios.

Update: Resolved. The Woof team initialized the LineaBridgeReceiver contract right after OpenZeppelin reported the issue.

Low Severity

Inaccurate Proposal Description

The proposal description notes that the first action sends encoded setFactory, setConfiguration, and deployAndUpgradeTo calls to the USDC Comet Market on the Linea network. However, the enacted proposal would actually send encoded setConfiguration, deployAndUpgradeTo, and setRewardConfig calls to the aforementioned Comet Market.

Consider correcting the proposal description to match the enacted calls.

Scenario and Enactment Migration Failure

Scenario and enactment simulations are run prior to the audit submission in order to ensure that the proposed changes have the desired outcome. These simulations have been provided as part of the scope. The scope document indicates that the Linea-USDC scenario and the preparation and enactment run simulations were completed successfully. However, this is not the case, as the aforementioned two jobs fail:

Consider re-running the GitHub workflow to ensure the above jobs succeed as expected.

Conclusion

OpenZeppelin conducted a review of the Linea network ahead of the launch of its first Compound Comet Market. While no deployment complications for the Linea network were found, certain risks and trust assumptions were highlighted. The Linea-USDC deployment and proposal execution were also examined. One major concern identified was an uninitialized bridge receiver, which could have allowed an attacker to impersonate the Governor on Linea, potentially resulting in the loss of bridged funds.

1 Like