The depositTokens() function in bridge.sol is payable and requires Ether to be sent along with the call. This Ether is forwarded to StarknetMessaging.sendMessageToL2{value: msg.value}(snaddress.unwrap(_starklaneL2Address), felt252.unwrap(_starklaneL2Selector), payload), which passes it on as the fee the sequencer charges for executing the L1 → L2 message. According to the documentation, "The fee itself is calculated in the same manner as 'regular' L2 transactions." The CLI tool can be used to estimate the L1 → L2 message fee. However, if the Ether sent with the transaction is less than the estimated fee, the sequencer will not execute the underpaid message and the deposit does not complete on L2. The UI enforces a limit of 0.00004 ether; an equivalent floor must be enforced in the smart contract itself, since the contract can be called directly without going through the UI.
In the current implementation of the depositTokens() function there is no check that the Ether sent with the transaction meets the required minimum fee. If the Ether provided is less than the estimated amount, the L1 → L2 message is accepted on L1 but never executed on L2, leaving the deposit incomplete until the stuck message is cancelled.
Medium: An underpaid call to depositTokens() produces an L1 → L2 message that the sequencer will not process. This disrupts the bridge and can leave deposits stuck, with a loss of functionality until the affected messages are dealt with.
Implement a lower-limit check within the depositTokens() function so that the Ether sent (msg.value) is greater than or equal to the estimated message fee, and revert otherwise. This stops underpaid messages from being sent in the first place. Because the fee tracks the L2 gas price, a hard-coded constant is only a floor: keep it adjustable by an admin rather than fixing it at deployment time.
Example code:
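The following is an added illustration of the recommended check, not code from bridge.sol or the Starklane project. It assumes a minimal IStarknetMessaging interface matching the Starknet core contract's sendMessageToL2(uint256, uint256, uint256[]) signature, plain uint256 values in place of the project's snaddress/felt252 wrapper types, and hypothetical names (minL1ToL2Fee, setMinL1ToL2Fee, InsufficientL1ToL2Fee, owner) for the fee floor and its admin setter. The initial floor of 0.00004 ether mirrors the limit the UI enforces.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal view of the Starknet core messaging contract (signature as published by Starknet).
interface IStarknetMessaging {
    function sendMessageToL2(
        uint256 toAddress,
        uint256 selector,
        uint256[] calldata payload
    ) external payable returns (bytes32, uint256);
}

// Example contract (not the project's bridge.sol) showing an admin-adjustable
// lower bound on the Ether forwarded as the L1 -> L2 message fee.
contract BridgeFeeFloorExample {
    error InsufficientL1ToL2Fee(uint256 sent, uint256 required);
    error NotOwner();

    event MinL1ToL2FeeUpdated(uint256 oldFee, uint256 newFee);

    IStarknetMessaging public immutable starknetCore;
    uint256 public immutable l2BridgeAddress;   // stands in for snaddress.unwrap(_starklaneL2Address)
    uint256 public immutable l2DepositSelector; // stands in for felt252.unwrap(_starklaneL2Selector)

    address public owner;
    // Hypothetical floor; a constant cannot track the L2 gas price, so it is adjustable.
    uint256 public minL1ToL2Fee;

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    constructor(IStarknetMessaging core, uint256 l2Bridge, uint256 l2Selector) {
        starknetCore = core;
        l2BridgeAddress = l2Bridge;
        l2DepositSelector = l2Selector;
        owner = msg.sender;
        minL1ToL2Fee = 0.00004 ether; // same floor the UI applies; assumption for this example
    }

    // Admin raises or lowers the floor as the estimated L1 -> L2 fee changes.
    function setMinL1ToL2Fee(uint256 newFee) external onlyOwner {
        emit MinL1ToL2FeeUpdated(minL1ToL2Fee, newFee);
        minL1ToL2Fee = newFee;
    }

    // Deposit entry point: refuse to send a message the sequencer would not execute.
    // The token escrow logic of the real bridge is omitted; only the fee check is shown.
    function depositTokens(uint256[] calldata payload) external payable {
        if (msg.value < minL1ToL2Fee) {
            revert InsufficientL1ToL2Fee(msg.value, minL1ToL2Fee);
        }
        starknetCore.sendMessageToL2{value: msg.value}(
            l2BridgeAddress,
            l2DepositSelector,
            payload
        );
    }
}
```

The revert happens before any state change or message emission, so an underpaid caller loses only gas on L1 instead of producing a pending message that an admin would later have to cancel. The floor is an estimate guard, not a guarantee: if L2 gas prices rise above the configured value, the admin must raise it.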
Impact: Medium/High. Need an admin to start a cancellation and wait for 5 days once done. DoS > 5 days. Likelihood: Low. Every time a wallet or a user does not send enough gas