Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Swisstronik>Medium findings>Lack of validation in ,ElasticityMultiplier, causes division by zero
GeneralOverview
Findings
High (1)
Medium (3)The ECRecover precompile computes an incorrect keyMissing overflow check in AddTransientGasWantedLack of validation in ElasticityMultiplier causes division by zero
Low (4)
Informational (1)
DiscussionInstallation stepsThe go-ethereum precompile tests
Audit ResultsAssessment Results
Category: Coding Mistakes

Lack of validation in ElasticityMultiplier causes division by zero

Medium Severity
Medium Impact
Low Likelihood

Description

In CalculateBaseFee, the code assumes that ElasticityMultiplier cannot be zero due to validation, but validateElasticityMultiplier only checks for the correct data type (uint32) and not whether the value is nonzero. 

func validateElasticityMultiplier(i interface{}) error {
	_, ok := i.(uint32)
	if !ok {
		return fmt.Errorf("invalid parameter type: %T", i)
	}
	return nil
}

If ElasticityMultiplier is mistakenly set to zero, division by zero can occur in the base-fee calculation.

func (k Keeper) CalculateBaseFee(ctx sdk.Context) *big.Int {
	params := k.GetParams(ctx)
  // [...]

  // CONTRACT: ElasticityMultiplier cannot be 0 as it's checked in the params
  // validation
  parentGasTargetBig := new(big.Int).Div(gasLimit, new(big.Int).SetUint64(uint64(params.ElasticityMultiplier)))
  if !parentGasTargetBig.IsUint64() {
    return nil
  }

Impact

Division by zero can cause runtime errors or panics, disrupting block processing.

Recommendations

Extend validateElasticityMultiplier to ensure ElasticityMultiplier is greater than zero — for example:

if val, ok := i.(uint32); !ok || val == 0 {
    return fmt.Errorf("elasticity multiplier must be a non-zero uint32")
}

Remediation

This issue has been acknowledged by Sigma Assets GmbH, and a fix was implemented in commit 40c518a9.

Zellic © 2025Back to top ↑