Temple Gold is not compatible with some wallets
Vulnerability details
Temple Gold tokens uses OFT LayerZero standard which allows users to use Temple Gold token on other chains. The protocol also decided that this token is going to be non-transferable. User can only transfer this token to the same address on other chains. Everything is okay for EOA addresses. However when the user uses other types of wallets or account abstraction it can lead to loss of funds for the user. His address on one chain is not always the same on the other chains.
Impact
While trying to bridge Temple Gold to other chains some users are exposed to risk of losing their tokens.
Recommended Mitigation Steps
There is no simple fix to this issue. One idea that I came up with is to check if the caller is an EOA address, however this creates a barrier for other users. Unfortunately I can not provide other solution to this problem.
Lead Judging Commences
Account abstraction, Multisig, Any other contract based solution that doesn't share the same address across chains will lose it's TGLD in teleport.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.