The abstract SablierV2MerkleLockup contract forms the foundation for all other Merkle contracts. It contains the following function:
This function allows the creator to retrieve any remaining assets in the contract during the first 7 days of the airdrop, provided all users haven't claimed before clawback is invoked. Once this period has passed, as outlined in the "Assumptions" section, the creator is no longer required to be trusted:
However, unlike the SablierV2BatchLockup contract, no asset transfer ever occurs to the Merkle contracts. This allows an airdrop creator to bypass the grace period by only sending the necessary assets when they choose to do so, thereby preventing any user from claiming, even if they possess a valid proof. Consequently, without a process to check the amount to be sent (which would be too gas-intensive on-chain since it would require checking the entire Merkle tree to determine the total amount to send), the creator must be trusted throughout the entire process.
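The total that is too gas-intensive to check on-chain can still be checked off-chain by a claimant or a monitoring job. The Python sketch below is an added example, not Sablier's code. It assumes the campaign's recipient list is published, a leaf built over (index, recipient, amount), a sorted-pair tree, and SHA3-256 standing in for keccak256; the balance and claimed figures are values the caller reads from the chain.

```python
import hashlib

def h(data: bytes) -> bytes:
    # Stand-in for keccak256, which the standard library lacks (assumption).
    return hashlib.sha3_256(data).digest()

def leaf(index: int, recipient: str, amount: int) -> bytes:
    # Assumed leaf layout: double hash over three 32-byte words.
    packed = (index.to_bytes(32, "big")
              + bytes.fromhex(recipient[2:]).rjust(32, b"\0")
              + amount.to_bytes(32, "big"))
    return h(h(packed))

def merkle_root(leaves):
    # Sorted-pair tree; an unpaired node is carried up unchanged (assumption).
    if not leaves:
        raise ValueError("empty recipient list")
    level = sorted(leaves)
    while len(level) > 1:
        nxt = [h(min(a, b) + max(a, b)) for a, b in zip(level[::2], level[1::2])]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0]

def funding_report(recipients, onchain_root, balance, already_claimed=0):
    """Compare what the tree promises with what the Merkle contract holds."""
    root = merkle_root([leaf(i, r, a) for i, r, a in recipients])
    if root != onchain_root:
        raise ValueError("recipient list does not match the on-chain Merkle root")
    total = sum(a for _, _, a in recipients)
    outstanding = total - already_claimed
    # A non-zero shortfall means some valid proofs cannot be paid right now.
    return {"total": total, "outstanding": outstanding,
            "shortfall": max(0, outstanding - balance)}

# Constructed sample campaign: (index, recipient, amount).
RECIPIENTS = [(0, "0x" + "11" * 20, 500),
              (1, "0x" + "22" * 20, 300),
              (2, "0x" + "33" * 20, 200)]
ROOT = merkle_root([leaf(*r) for r in RECIPIENTS])

if __name__ == "__main__":
    # Unfunded contract: every claim would fail despite valid proofs.
    print(funding_report(RECIPIENTS, ROOT, balance=0))
```

A shortfall that persists after the campaign is announced is the signal that claims depend on the creator's later transfers.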
Likelihood: High
Creators can bypass the grace period by sending the amounts whenever they choose.
Impact: High
The grace period could be bypassed.
Users will not be able to claim their airdrop, even if their Merkle proof is correct, if the creator chooses not to send the necessary amount.
Given that calculating the tree would be too gas-intensive on-chain, the creator of a Merkle tree must be trusted throughout the entire airdrop.
However, an innovative solution could involve using Account Abstraction with the Airdrop creator acting as the Paymaster (or they would need to send gas fees to a Paymaster contract), and a contract owned by the protocol would create the Merkle contracts, thereby preventing any potential cheating by the airdrop creator.