Severity: high
Valid

Signature Replay Attack

Summary

Vulnerability Details

The sendToL1 function is responsible for verifying the withdrawal of ETH from L2 to L1. It does not check whether the signature has already been used, so the same signature can be submitted again.

    sendToL1(
        v,
        r,
        s,
        abi.encode(
            address(token),
            0, // value
            abi.encodeCall(IERC20.transferFrom, (address(vault), to, amount))
            //@audit-issue, should add nonce and chainId
        )
    );

    function sendToL1(uint8 v, bytes32 r, bytes32 s, bytes memory message) public nonReentrant whenNotPaused

Impact

By reusing a valid signature, attackers can execute unauthorized transactions on the blockchain network, resulting in financial losses and other harmful consequences.

Tools Used

Manual Review

Recommendations

Sign messages that include a nonce, the chainId and the address of the contract. This prevents replay attacks both on a single chain and across chains.

    function withdrawTokensToL1(address to, uint256 amount, uint256 _nonce, uint8 v, bytes32 r, bytes32 s) external {
        sendToL1(
            v,
            r,
            s,
            abi.encode(
                address(token),
                0, // value
                abi.encodeCall(IERC20.transferFrom, (address(vault), to, amount)),
                _nonce // the nonce is part of the signed message, not of the transferFrom call
            ),
            block.chainid
        );
    }

    function sendToL1(uint8 v, bytes32 r, bytes32 s, bytes memory message, uint256 _chainId) public nonReentrant whenNotPaused {
        // Reject messages intended for a different chain
        if (_chainId != block.chainid) {
            revert Invalid_chain_ID();
        }
        // ... signature verification and execution of the message follow
    }

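The recommendation above, carried through as an added example that is not the audited contract or the submitter's code: the signed digest binds the message to the chain ID, the contract address and a nonce, and each accepted digest is recorded so it cannot be accepted twice. The names ReplaySafeBridge, signers, usedDigests and digestFor are assumptions made for this sketch; the message layout follows the abi.encode call shown in the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration. Contract, mapping and error names are hypothetical.
contract ReplaySafeBridge {
    mapping(address => bool) public signers;     // authorised bridge operators
    mapping(bytes32 => bool) public usedDigests; // digests already accepted

    error InvalidSigner();
    error SignatureAlreadyUsed();
    error CallFailed();

    constructor(address signer) {
        signers[signer] = true;
    }

    // Digest the operator signs off-chain. Including block.chainid and
    // address(this) stops reuse on another chain or another deployment;
    // the nonce makes two otherwise identical withdrawals distinct.
    function digestFor(bytes memory message, uint256 nonce) public view returns (bytes32) {
        bytes32 inner = keccak256(abi.encode(block.chainid, address(this), nonce, message));
        return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", inner));
    }

    function sendToL1(uint8 v, bytes32 r, bytes32 s, bytes memory message, uint256 nonce) external {
        bytes32 digest = digestFor(message, nonce);

        // Track the digest rather than the (v, r, s) bytes, so a malleated
        // signature over the same digest is rejected as well.
        if (usedDigests[digest]) revert SignatureAlreadyUsed();

        address signer = ecrecover(digest, v, r, s);
        // ecrecover returns address(0) for a malformed signature
        if (signer == address(0) || !signers[signer]) revert InvalidSigner();

        usedDigests[digest] = true; // recorded before the external call

        // Same layout as in the finding: (target, value, calldata)
        (address target, uint256 value, bytes memory data) =
            abi.decode(message, (address, uint256, bytes));
        (bool ok, ) = target.call{value: value}(data);
        if (!ok) revert CallFailed();
    }
}
```

Because the chain ID is read from block.chainid inside the digest instead of being passed in by the caller, a signature produced for one chain or deployment cannot be validated on another.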
Updates

Lead Judging Commences

0xnevi Lead Judge almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

withdrawTokensToL1()/sendToL1(): signature replay
