User tokens will be locked on L2 when they set use_withdraw_auto: bool to true.
On Starknet, users have the option of setting use_withdraw_auto: bool to true https://github.com/Cyfrin/2024-07-ark-project/blob/273b7b94986d3914d5ee737c99a59ec8728b1517/apps/blockchain/starknet/src/bridge.cairo#L248 which is attached to the header https://github.com/Cyfrin/2024-07-ark-project/blob/273b7b94986d3914d5ee737c99a59ec8728b1517/apps/blockchain/starknet/src/bridge.cairo#L276-L277 and is supposed to allow them to withdraw the tokens automatically on L1. The issue is that on L1 there is a check that reverts when auto withdraw is set to true https://github.com/Cyfrin/2024-07-ark-project/blob/273b7b94986d3914d5ee737c99a59ec8728b1517/apps/blockchain/ethereum/src/Bridge.sol#L167-L172
so users can't even consume the message from L1 manually because it will revert, and there is no way to cancel the message on Starknet/L2, so I am leaving this as high as the tokens are forever unredeemable.
Tokens are locked up forever
Manual Review
Remove the check on Bridge.sol completely and let users consume the message manually, since there is a bug, addressed in the previous audit, associated with allowing users to withdraw automatically.
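The flow described in this finding, as an added example that is not part of the original submission or the Ark project's code: a simplified Python model of the L2 deposit, the L1 check on the header flag, and the missing L2 cancel path, run with the check in place and with it removed as recommended. The class, method names, the flag bit value and the sample messages are all assumptions made for illustration.

```python
# Simplified model of the flow in this finding. Names are hypothetical;
# this is not the Ark project's Cairo or Solidity code.
from dataclasses import dataclass, field

WITHDRAW_AUTO = 1  # assumed flag bit; the real header layout is not modelled


class Revert(Exception):
    """Stands in for an L1 transaction revert."""


@dataclass
class BridgeModel:
    l1_rejects_auto: bool                        # True models the L1 check
    pending: dict = field(default_factory=dict)  # msg id -> (header, token id)
    l1_owned: set = field(default_factory=set)   # token ids released on L1

    def deposit_l2(self, msg_id, token_id, use_withdraw_auto):
        """L2 side: lock the token and send a message carrying the flag."""
        header = WITHDRAW_AUTO if use_withdraw_auto else 0
        self.pending[msg_id] = (header, token_id)

    def l1_accepts(self, header):
        return not (self.l1_rejects_auto and header & WITHDRAW_AUTO)

    def withdraw_l1(self, msg_id):
        """L1 side: the user consumes the message manually."""
        header, token_id = self.pending[msg_id]
        if not self.l1_accepts(header):
            raise Revert("auto withdraw flag set")  # message stays pending
        del self.pending[msg_id]
        self.l1_owned.add(token_id)

    # No cancel_l2(): the finding states L2 offers no way to cancel.

    def stuck_tokens(self):
        """Locked tokens whose message L1 will never accept."""
        return {t for h, t in self.pending.values() if not self.l1_accepts(h)}


def scenario(l1_rejects_auto):
    """Constructed sample: one deposit without the flag, one with it."""
    bridge = BridgeModel(l1_rejects_auto)
    bridge.deposit_l2("m1", "token-1", use_withdraw_auto=False)
    bridge.deposit_l2("m2", "token-2", use_withdraw_auto=True)
    for msg_id in ("m1", "m2"):
        try:
            bridge.withdraw_l1(msg_id)
        except Revert:
            pass  # nothing else the user can do with this message
    return bridge.l1_owned, bridge.stuck_tokens()
```

With the check in place, scenario(True) leaves token-2 in stuck_tokens(); with the check removed, scenario(False) releases both tokens and nothing is stuck.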
Impact: High, token will be stuck in L2 bridge. Likelihood: Very low, option is available in L2 but has been disabled since March on L1, would be almost a user error.