The executeTransactionFromOutside function lets external entities initiate transactions from the wallet owner's account, so the owner's signature must be validated first. Signature validation is handled by the internal _validateTransaction function, which returns the 4-byte IAccount.validateTransaction.selector value if the owner has signed the transaction and 0 otherwise. However, the current implementation of executeTransactionFromOutside does not check whether the valid selector was returned (that is, whether the transaction signer is the owner). As a result, when the transaction signer is NOT the owner, the transaction is not reverted before the actual transfer of funds takes place.
The described vulnerability would allow an attacker to easily transfer funds from the owner's wallet, effectively draining the smart contract's wallet.
Manual review, vscode
Consider making the following change to the executeTransactionFromOutside function:
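The unchecked and checked forms of this call, side by side, as an added example that is not the audited contract or the original recommended patch. The Tx struct, IAccountLike, AccountSketch, the digest layout and the nonce handling are simplified assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration: simplified stand-in types, not the audited code.
struct Tx { address to; uint256 value; bytes data; uint256 nonce; bytes signature; }

interface IAccountLike {
    function validateTransaction(Tx calldata t) external returns (bytes4 magic);
}

contract AccountSketch {
    // Stand-in for the success value IAccount.validateTransaction.selector.
    bytes4 internal constant SUCCESS_MAGIC = IAccountLike.validateTransaction.selector;
    address public immutable owner;
    uint256 public nonce;

    error InvalidSignature();
    error ExecutionFailed();

    constructor(address _owner) payable { owner = _owner; }

    // Signals failure through its return value (bytes4(0)); it never reverts.
    function _validateTransaction(Tx memory t) internal view returns (bytes4) {
        bytes memory sig = t.signature; // expected layout: r || s || v
        if (sig.length != 65 || t.nonce != nonce) return bytes4(0);
        bytes32 digest = keccak256(
            abi.encode(block.chainid, address(this), t.to, t.value, t.data, t.nonce)
        );
        bytes32 r; bytes32 s; uint8 v;
        assembly { r := mload(add(sig, 32)) s := mload(add(sig, 64)) v := byte(0, mload(add(sig, 96))) }
        address signer = ecrecover(digest, v, r, s);
        return (signer != address(0) && signer == owner) ? SUCCESS_MAGIC : bytes4(0);
    }

    // Pattern from the finding: the result is discarded, so any signer passes.
    function executeFromOutsideUnchecked(Tx memory t) external payable {
        _validateTransaction(t);
        _execute(t);
    }

    // Hardened form: revert unless validation returned the success value.
    function executeFromOutsideChecked(Tx memory t) external payable {
        if (_validateTransaction(t) != SUCCESS_MAGIC) revert InvalidSignature();
        _execute(t);
    }

    function _execute(Tx memory t) internal {
        nonce++; // consume the nonce before the external call
        (bool ok, ) = t.to.call{value: t.value}(t.data);
        if (!ok) revert ExecutionFailed();
    }
}
```

A validator that reports failure by return value rather than by reverting needs this check at every call site.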