Biconomy: Nexus

Biconomy

HardhatFoundry

30,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

Potential Issue with the Removal of the Last Executor

alhakista

Summary

The ModuleManager contract in the Nexus suite manages various modules including validators, executors, hooks, and fallback handlers. Each module has specific roles and is managed through a linked list structure provided by the SentinelListLib.

Key Components

Executor Modules: These are crucial for executing operations on behalf of the account. Each function that performs critical actions is protected by the onlyExecutorModule modifier, ensuring that only authorized executor modules can invoke these functions.

Vulnerability Details

The primary concern is the potential issue arising from the removal of the last executor. If there are no executor modules left, critical functions cannot be executed, leading to a potentially locked or unusable contract state.

Detailed Analysis

onlyExecutorModule Modifier:

modifier onlyExecutorModule() virtual {
require(_getAccountStorage().executors.contains(msg.sender), InvalidModule(msg.sender));
_;
}

This modifier ensures that only addresses present in the executors list can execute the protected functions.

If no executor remains in the list, any function requiring onlyExecutorModule will revert, making those functionalities inaccessible.

function _uninstallExecutor(address executor, bytes calldata data) internal virtual {
(address prev, bytes memory disableModuleData) = abi.decode(data, (address, bytes));
_getAccountStorage().executors.pop(prev, executor);
IExecutor(executor).onUninstall(disableModuleData);
}

Removes an executor module from the list and de-initializes it.

There is no check to ensure at least one executor remains installed.

Impact

Loss of Functionality:

If the last executor is removed, all functions protected by the onlyExecutorModule modifier become unusable, leading to a locked contract state where critical operations cannot be performed.

System Security:
- Without any executor, the system might be vulnerable to exploits or malfunction as it cannot enforce the intended execution control.

Tools Used

Manual Analysis

Recommendations

Ensure Minimum One Executor:

Modify the _uninstallExecutor function to include a check ensuring that at least one executor remains installed.

Updates

Lead Judging Commences

0xnevi Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Known issue

Assigned finding tags:

finding-no-executor-module-left

Invalid, known issue: > Validator management > - A Nexus Smart Account could be locked forever if the owner installs a validator in the wrong way and does remove all other valid validators

Appeal created

alhakista Submitter

about 1 year ago

alhakista Submitter

about 1 year ago

0xnevi Lead Judge

about 1 year ago

0xnevi Lead Judge 12 months ago

Submission Judgement Published

Invalidated

Reason: Known issue

Assigned finding tags:

finding-no-executor-module-left

Invalid, known issue: > Validator management > - A Nexus Smart Account could be locked forever if the owner installs a validator in the wrong way and does remove all other valid validators

Prize pool breakdown

Total prize

30,000 USDC

nSLOC

1,433

21 USDC / LOC

High Medium

25,000 USDC

Low

2,750 USDC

Judges

2,250 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.