The L1 bridge contract does not consistently validate Starknet addresses to ensure they are within the valid range for the Starknet network. While some parts of the code perform this check, it is not uniformly applied across all functions handling Starknet addresses, potentially leading to security vulnerabilities.
This is similar to "[M-01] Unchecked parameter" on the Clan audit report.
The contract uses a custom `snaddress` type to represent Starknet addresses, which is an alias for `uint256`. Some functions in the contract correctly validate these addresses using the `Cairo.isFelt252()` function:
Will cause permanent loss of tokens when the L2 address is invalid.
Manual review
Verify that the address is valid in `setL1L2CollectionMapping()`.
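Added example (not the audited contract's code) showing the check this finding asks for: the unchecked setter beside a hardened `setL1L2CollectionMapping()`. The `snaddress` declaration, the `isFelt252` helper, the function signature and the mapping name are assumptions standing in for the project's own; access control is omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example, not the audited bridge. Minimal fragment that contrasts
/// an unchecked L1->L2 collection mapping setter with a range-checked one.
contract StarknetAddressCheckExample {
    // Starknet field prime: 2^251 + 17 * 2^192 + 1
    // (0x800000000000011000000000000000000000000000000000000000000000001).
    // A uint256 at or above this value cannot be encoded as a felt252, so
    // the L2 side can never interpret it as an address.
    uint256 internal constant FIELD_PRIME = 2**251 + 17 * 2**192 + 1;

    // Stand-in for the report's snaddress alias over uint256 (assumption).
    type snaddress is uint256;

    mapping(address => snaddress) public l1ToL2Collection;

    error InvalidL2Address(uint256 value);

    // Stand-in for Cairo.isFelt252(): true iff the value fits in a felt252.
    function isFelt252(uint256 value) internal pure returns (bool) {
        return value < FIELD_PRIME;
    }

    // Unchecked form described in the finding: any uint256 is accepted, so a
    // mapping to an out-of-range L2 address can be stored and later used in
    // an L1->L2 message that L2 will never be able to consume.
    function setL1L2CollectionMappingUnchecked(
        address l1Collection,
        snaddress l2Collection
    ) external {
        l1ToL2Collection[l1Collection] = l2Collection;
    }

    // Hardened form: reject values outside the felt252 range, and zero,
    // which is not a usable Starknet contract address either.
    function setL1L2CollectionMapping(
        address l1Collection,
        snaddress l2Collection
    ) external {
        uint256 raw = snaddress.unwrap(l2Collection);
        if (raw == 0 || !isFelt252(raw)) revert InvalidL2Address(raw);
        l1ToL2Collection[l1Collection] = l2Collection;
    }
}
```

Calling `setL1L2CollectionMapping` with `FIELD_PRIME` or any larger value reverts with `InvalidL2Address`, while the unchecked variant stores it silently.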
Please do not suppose impacts; think about the real impact of the bug and check the CodeHawks documentation to confirm: https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity. A PoC always helps to understand the real impact possible.