​

Users managing TempleGold tokens via Safes wallets may encounter issues when bridging assets across different chains. The core issue lies in the potential inability of users managing TempleGold via a Safes wallet to maintain the same wallet address across different blockchain networks.

​

​

The root cause of the vulnerability is the inherent limitation of smart contract wallets, such as Safes, to maintain consistent addresses across different blockchain networks. Each blockchain network operates independently, leading to unique states and opcode differences. Even if a deterministic deployment approach is adopted to attempt generating the same address across networks, it may still result in separate and unrelated addresses due to the distinct nature of each blockchain's environment (ZkSync Era's different [Address derivation](https://docs.zksync.io/build/developer-reference/ethereum-differences/evm-instructions#address-derivation) for create2, nonces are not aligned between chains).

​

This situation becomes problematic when users attempt to bridge assets, expecting the same wallet address to receive the bridged assets on the destination network.

​

https://github.com/Cyfrin/2024-07-templegold/blob/main/protocol/contracts/templegold/TempleGold.sol#L290

​

// File: protocol/contracts/templegold/TempleGold.sol

281: function send(

288: address _to = _sendParam.to.bytes32ToAddress();

289: /// @dev user can cross-chain transfer to self

290: if (msg.sender != _to) { revert ITempleGold.NonTransferrable(msg.sender, _to); } // <= FOUND: the Safes wallet not able to bridge TempleGold

311: }

​

If the user cannot obtain the same Safe wallet address on the destination network due to reasons such as nonce misalignment, ZkSync Era as destination or changes of control/ownership structure in the destination Safes wallet, the bridged assets could be irretrievably lost.

​

​

​

The severity of this vulnerability is high, primarily because Safes wallets have gained considerable traction among users. The inability to bridge assets seamlessly across different networks due to address mismatches could lead to significant financial losses for affected users. Given the increasing reliance on blockchain interoperability solutions, such vulnerabilities pose a real threat to user trust and adoption of these technologies.

​

​

Manual Review

​

​

1. Allow users to specify the destination address for token minting during the bridging process, rather than assuming it will be the same as the source address.

2. Provide a clear warning to Safes wallet users about the potential issues with cross-chain transfers and advise them against using the same wallet address on different chains.