The depositTokensToL2 function in the smart contract allows an attacker to create an infinite number of tokens on the L2 network by exploiting the event emission mechanism. By manipulating the from address and emitting the Deposit event multiple times, the attacker can mint an unlimited amount of tokens on the L2 network.
The vulnerability arises from the fact that the depositTokensToL2 function does not perform proper checks on the from address. An attacker can pass the address of the vault as the from parameter and emit the Deposit event multiple times, causing the L2 contract to mint tokens for the attacker. This can lead to an infinite supply of tokens for the attacker on the L2 network.
Foundry (put in test file) PoC:
By exploiting this vulnerability, an attacker can create an unlimited number of tokens on the L2 network, potentially leading to inflation and devaluation of the token. This can result in financial loss and undermine the integrity of the token system.
Manual review
To mitigate this vulnerability, it is recommended to remove the from parameter from the depositTokensToL2 function. Use msg.sender instead in every place where the from argument is used.