60,000 USDC
Submission Details
Severity:
An attacker can adjust the hash value using the salt value.
Summary
An attacker can adjust the hash value using the salt value, as a result, various problem can occur.
Vulnerability Details
According to protocol flow, users call depositTokens() to deposit token in escrow and initiate the transfer to Starknet.
function depositTokens(
@ uint256 salt,
address collectionL1,
snaddress ownerL2,
uint256[] calldata ids,
bool useAutoBurn
)
external
payable
{
...
req.hash = Protocol.requestHash(salt, collectionL1, ownerL2, ids);
...
}
Parameter salt of depositTokens() is set by input of user.
The requestHash() generates hash value by using salt.
This incorrect hash value is used in withdrawTokens().
function withdrawTokens(
uint256[] calldata request
)
external
payable
returns (address)
{
...
if (collectionL1 == address(0x0)) {
if (ctype == CollectionType.ERC721) {
collectionL1 = _deployERC721Bridgeable(
req.name,
req.symbol,
req.collectionL2,
req.hash
);
// update whitelist if needed
_whiteListCollection(collectionL1, true);
} else {
revert NotSupportedYetError();
}
}
...
}
Impact
An attacker can adjust the hash value using the salt value, as a result, various problem can occur.
Tools Used
Mannual Review
Recommendations
Generate salt randomly.
Prize pool breakdown
Total prize
60,000 USDC
nSLOC
2,30126 USDC / LOC
50,000 USDC
5,500 USDC
4,500 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.