DeFi, Hardhat, Foundry
250,000 USDC
Submission Details
Severity: high
Invalid

Replay Attack Vulnerability in `verifyRequisition` Modifier of `TractorFacet` Contract

Summary

The verifyRequisition modifier in the TractorFacet contract contains a vulnerability that can lead to replay attacks. This issue arises because the modifier only checks the hash and signer's address without ensuring the uniqueness or freshness of the requisition, allowing the same requisition to be reused multiple times.

Vulnerability Details

See the following code:

    modifier verifyRequisition(LibTractor.Requisition calldata requisition) {
        // Recompute the hash from the blueprint and compare it with the supplied hash.
        bytes32 blueprintHash = LibTractor._getBlueprintHash(requisition.blueprint);
        require(blueprintHash == requisition.blueprintHash, "TractorFacet: invalid hash");
        // Recover the signer of the Ethereum signed-message digest of the blueprint hash.
        address signer = ECDSA.recover(
            MessageHashUtils.toEthSignedMessageHash(requisition.blueprintHash),
            requisition.signature
        );
        // The signer must be the blueprint's publisher.
        require(signer == requisition.blueprint.publisher, "TractorFacet: signer mismatch");
        _;
    }

The modifier performs the following steps:

  • Computes the blueprintHash from the provided blueprint.

  • Checks if the computed blueprintHash matches the blueprintHash in the requisition.

  • Verifies the signature to ensure that the signer is the publisher of the blueprint.

While these checks ensure the integrity and authenticity of the requisition, they do not prevent the same requisition from being reused. This omission allows replay attacks, where an attacker can reuse a valid requisition to perform the same action multiple times.

Impact

An attacker can reuse a valid requisition multiple times, leading to unauthorized repeated actions. If the repeated actions involve transferring tokens or executing sensitive operations, this can result in significant financial loss. Unauthorized repeated actions can disrupt the intended operations of the contract.

Tools Used

Manual Review

Recommendations

To prevent replay attacks, it is essential to introduce a mechanism that ensures each requisition can only be used once. This can be achieved by maintaining a mapping of used blueprint hashes and invalidating them after their first use.
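One way to implement the single-use check recommended above, as an added example that is not part of the original submission and is not the project's `TractorFacet` or `LibTractor` code. The contract name, struct layouts, the `salt` field, `usedBlueprint`, `verifyAndConsume` and `execute` are hypothetical, and OpenZeppelin Contracts v5 is assumed. It goes slightly beyond the recommendation by also binding the hash to the chain and contract address.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import {MessageHashUtils} from "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";

// Hypothetical stand-alone contract illustrating a used-hash mapping.
contract SingleUseRequisitions {
    // `salt` (assumed field) lets a publisher sign the same data again as a new blueprint.
    struct Blueprint { address publisher; bytes data; uint256 salt; }
    struct Requisition { Blueprint blueprint; bytes32 blueprintHash; bytes signature; }

    // blueprintHash => already consumed. Keyed on the hash, not the signature,
    // so an alternative encoding of the same signature cannot bypass the check.
    mapping(bytes32 => bool) public usedBlueprint;
    mapping(address => uint256) public executions;

    event RequisitionConsumed(bytes32 indexed blueprintHash, address indexed publisher);

    function getBlueprintHash(Blueprint calldata b) public view returns (bytes32) {
        // Chain id and contract address are part of the signed value, so a
        // signature is only valid for this deployment.
        return keccak256(
            abi.encode(block.chainid, address(this), b.publisher, keccak256(b.data), b.salt)
        );
    }

    modifier verifyAndConsume(Requisition calldata r) {
        bytes32 h = getBlueprintHash(r.blueprint);
        require(h == r.blueprintHash, "invalid hash");
        address signer = ECDSA.recover(MessageHashUtils.toEthSignedMessageHash(h), r.signature);
        require(signer == r.blueprint.publisher, "signer mismatch");
        require(!usedBlueprint[h], "requisition already used");
        // Mark as used before the function body runs, so a reentrant call
        // with the same requisition is rejected as well.
        usedBlueprint[h] = true;
        emit RequisitionConsumed(h, signer);
        _;
    }

    function execute(Requisition calldata r) external verifyAndConsume(r) {
        // Stand-in for the action the blueprint authorises.
        executions[r.blueprint.publisher] += 1;
    }
}
```

A second call to `execute` with the same requisition reverts with "requisition already used"; a design that intentionally allows a bounded number of runs would store a counter per hash instead of a boolean.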

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
