Fallback function is not compliant with ERC-7579 becasue it uses `staticcall` instead of `call` to call the fallbackHandler
Lines of code
https://github.com/Cyfrin/2024-07-biconomy/blob/9590f25cd63f7ad2c54feb618036984774f3879d/contracts/base/ModuleManager.sol#L86
Impact
Using staticcall instead of call for fallback handlers can lead to several issues:
Non-compliance with ERC-7579: The contract does not adhere to the standard, which may lead to interoperability issues with other compliant modules and smart accounts.
Functionality Limitation: staticcall restricts the fallback handler from modifying state, which may be necessary for certain operations, leading to potential failures or unexpected behavior.
Security Risks: The use of staticcall may introduce security vulnerabilities if the fallback handler relies on state changes to enforce certain checks or balances.
Proof of Concept
A user sends a transaction to the ModuleManager contract with a function signature that maps to a fallback handler with CALLTYPE_STATIC.
The fallback function retrieves the handler and determines the call type.
The contract uses staticcall to invoke the handler.
If the handler attempts to modify the state, the call fails, leading to a revert and potential denial of service.
Recommended Mitigation Steps
Recommended Mitigation Steps
Replace staticcall with call to ensure compliance with the ERC-7579 standard and allow fallback handlers to modify state as needed.
Lead Judging Commences
finding-ERC7579-fallback-staticcall
Invalid, although ERC7579 is violated, staticcall is a desired supported fallback call type as seen in the [documentation](https://github.com/bcnmy/nexus/wiki/Execution-Framework#key-concepts), and there will be no exploit possible
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.