TempleGold

TempleDAO

Foundry

25,000 USDC

View results

Previous Next

Submission Details

Severity: high

Valid

Smart contracts (and account abstraction wallets) can neither perform cross-chain TGLD transfers nor participate in cross-chain auctions

Trident Audits

Summary

Users often like to simplify their tasks, whether it be automating their interactions with a protocol via smart contracts or making use of account abstraction (AA) wallets (essentially just smart contracts). The same smart contracts deployed on different chains along with AA enabled wallets may produce different addresses. In such cases, the user would not be able to perform cross-chain TGLD transfers or participate in cross-chain auctions.

Vulnerability Details

According to the docs,

Temple Gold

Temple Gold (TGLD) is a non-tradable non-transferrable cross-chain ERC20 token.
-> A TGLD holder can only transfer cross-chain to their own account address <-
TGLD can be transferred to whitelisted addresses. These are TempleGoldStaking, DaiGoldAuction, SpiceAuction and team gnosis multisig address
TGLD uses layer zero for cross-chain functionality.

Smart Contracts deployed on different chains can yield different addresses, for example the zkSync docs state,

The contract address derivation formula is different from the regular EVM approach. Even if a contract is deployed from the same account address with the same nonce, the ZKsync Era contract address will not be the same as it is in another EVM network.

This prevents Smart Contract Accounts and AA wallets from performing cross-chain transfers of TGLD tokens because of the following implementation of the TempleGold::send() function,

function send(

SendParam calldata _sendParam,

MessagingFee calldata _fee,

address _refundAddress

) external payable virtual override(IOFT, OFTCore) returns (MessagingReceipt memory msgReceipt, OFTReceipt memory oftReceipt) {

// code

/// cast bytes32 to address

address _to = _sendParam.to.bytes32ToAddress();

/// @dev user can cross-chain transfer to self

@> if (msg.sender != _to) { revert ITempleGold.NonTransferrable(msg.sender, _to); }

// code

}

Impact

Imagine Alice, with an AA wallet or a smart contract module:

Bids DAI in DaiGoldAuction and receives TGLD on the source Arbitrum chain.
Decides to participate in a SpiceAuction on Polygon.
Tries to send the tokens over but is met with NonTransferrable error.
Unable to participate in the auction.

As a result, a large populus of users like Alice, would not be able to participate in the Temple ecosystem.

Recommendations

Encourage users to use personal EOAs instead of contract accounts/AA wallets as updating the token contract logic to allow transfers to other addresses would break the core invariant.

Tools Used

Manual Review.

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago

Submission Judgement Published

Validated

Assigned finding tags:

Account abstraction, Multisig, Any other contract based solution that doesn't share the same address across chains will lose it's TGLD in teleport.

Prize pool breakdown

Total prize

25,000 USDC

nSLOC

998

25 USDC / LOC

High Medium

20,000 USDC

Low

2,500 USDC

Judges

2,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.