Mixed Usage of Auto-Withdraw and Starknet Messaging Conflicts in Messaging.sol
Summary
A security audit on the StarklaneMessaging contract revealed conflicts between auto-withdraw and Starknet messaging features, leading to potential denial of service.
Vulnerability Details
Messages configured for auto-withdrawal might conflict with those intended for Starknet messaging, causing denial of service.
Affected Code:
POC (Proof of Concept)
Messages intended for auto-withdrawal may conflict with Starknet messages.
Scenario: Bob adds a message for auto-withdrawal, and Alice attempts to consume it via Starknet messaging.
-
Add Message for Auto-Withdrawal:
bytes32 msgHash = keccak256(abi.encodePacked("Message from Bob for auto-withdrawal"));_autoWithdrawn[msgHash] = WITHDRAW_AUTO_READY;Kopier kode
-
Consume Message via Starknet Messaging:
if (_autoWithdrawn[msgHash] != WITHDRAW_AUTO_NONE) {revert WithdrawMethodError();}Kopier kode
Since the state of
msgHashisWITHDRAW_AUTO_READY, the transaction reverts with aWithdrawMethodError.
Impact
Severity: High
Denial of Service: Users might find it difficult to consume messages using Starknet messaging if they are configured for auto-withdrawal.
Complex State Management: Increased complexity in managing message states could result in erroneous message consumptions and user confusion.
Tools Used
Manual Code Review
Recommendations
Stricter Checks: Enforce stricter checks to distinguish between auto-withdrawal and Starknet messaging.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.