Users with account abstraction wallets have different addresses across different chains for the same account. The send function in TempleGold assumes that the sender's address will be the same on the destination chain, which is not always true for account abstraction wallets. This can result in TGLD tokens being sent to an inaccessible address on the destination chain, leading to a permanent loss of tokens.
The send function in TempleGold.sol is designed to allow users to transfer their TGLD tokens across chains, but it assumes that the sender's address will be the same on both the source and destination chains:
This check ensures that users can only send tokens to their own address on the destination chain. However, users with account abstraction wallets (like Gnosis Safe) can have different addresses across different chains.
When such a user initiates a cross-chain transfer:
The transfer will pass the check msg.sender != _to on the source chain.
The tokens will be debited from their account on the source chain.
On the destination chain, the tokens will be credited to the same address as on the source chain.
However, this address on the destination chain may not be controlled by the user, effectively resulting in a permanent loss of tokens.
Users with account abstraction wallets may permanently lose their TGLD tokens when attempting cross-chain transfers. This could affect a significant portion of users, especially as account abstraction becomes more prevalent in the ecosystem.
Implement a registry of linked addresses across chains, allowing users to prove ownership of addresses on different chains.
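A sketch of the recommended registry, added here as an illustration; it is not code from TempleGold or from this report. The contract name, the function names, the `messenger` address and the two-step propose/confirm flow are assumptions, and the messenger is assumed to authenticate the remote caller before delivering a confirmation.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration, not TempleGold code. All names here are hypothetical.
/// Source-chain registry: a link becomes usable only after both sides agree.
/// The local account proposes it, and the remote account confirms it through
/// a trusted cross-chain messenger (assumed to authenticate the remote sender).
contract LinkedAddressRegistry {
    address public immutable messenger; // assumed trusted bridge endpoint

    // local account => destination chain => proposed remote address
    mapping(address => mapping(uint32 => address)) public proposed;
    // local account => destination chain => confirmed remote address
    mapping(address => mapping(uint32 => address)) public linked;

    event LinkProposed(address indexed local, uint32 indexed dstChain, address remote);
    event LinkConfirmed(address indexed local, uint32 indexed dstChain, address remote);

    error NotMessenger();
    error ProposalMismatch();

    constructor(address _messenger) { messenger = _messenger; }

    /// Step 1 (source chain): the account names the address it controls remotely.
    function proposeLink(uint32 dstChain, address remote) external {
        proposed[msg.sender][dstChain] = remote;
        delete linked[msg.sender][dstChain]; // a new proposal voids the old link
        emit LinkProposed(msg.sender, dstChain, remote);
    }

    /// Step 2: the messenger delivers the confirmation sent by `remote` on `dstChain`.
    function confirmLink(uint32 dstChain, address remote, address local) external {
        if (msg.sender != messenger) revert NotMessenger();
        if (remote == address(0) || proposed[local][dstChain] != remote) revert ProposalMismatch();
        linked[local][dstChain] = remote;
        emit LinkConfirmed(local, dstChain, remote);
    }

    /// Recipient check for a cross-chain send. A confirmed link takes priority;
    /// without one, only senders that have no code keep the same-address rule,
    /// so contract wallets must link a destination address first.
    function isAllowedRecipient(address sender, uint32 dstChain, address to) external view returns (bool) {
        address remote = linked[sender][dstChain];
        if (remote != address(0)) return to == remote;
        return sender.code.length == 0 && to == sender;
    }
}
```

A send function would call `isAllowedRecipient(msg.sender, dstChain, _to)` in place of the plain address comparison and revert when it returns false.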