Biconomy: Nexus

GitHub
https://github.com/Cyfrin/2024-07-biconomy/blob/9590f25cd63f7ad2c54feb618036984774f3879d/contracts/factory/RegistryFactory.sol#L71-L73
https://github.com/Cyfrin/2024-07-biconomy/blob/9590f25cd63f7ad2c54feb618036984774f3879d/contracts/factory/K1ValidatorFactory.sol#L97

Summary

In RegistryFactory.sol, the setThreshold function allows setting the threshold without any minimum or maximum limits. Consequently, it can be set to 0 or any value within the range of type(uint8).max.

The threshold is crucial for creating a new Nexus account with a specific validator and initialization data. The generated init data uses BOOTSTRAPPER.getInitNexusWithSingleValidatorCalldata(validator, REGISTRY, attesters, threshold) to enforce a security mechanism requiring a sufficient number of attestations from trusted attesters. However, if the threshold is set to 0, no attestations are required, allowing the creation of a Nexus smart account with unsecure init data. Conversely, setting the threshold to a very high value can make it impractical to gather the required number of attestations, hindering the usability of the system.

Impact

Nexus smart accounts can be created with unsecure init data if the threshold is set to 0. Setting the threshold too high can make the system impractical to use due to the difficulty in gathering the required number of attestations.

Recommendation

Introduce minimum and maximum limits on the threshold to ensure that the value is within a secure and practical range. This will prevent the creation of unsecure Nexus smart accounts and ensure the system remains usable.

Define appropriate values for MIN_THRESHOLD and MAX_THRESHOLD based on the security requirements and practical considerations for your system.