TempleGold

TempleDAO
Foundry
25,000 USDC
Submission Details
Severity: medium
Invalid

In cross-chain communication, configuring the `message.compose` option in the `send` function will prevent users from receiving TGLD on the destination chain in the `_lzReceive` function

Description:

In cross-chain communication, a user wants to send their TGLD by calling the `send` function of the TempleGold contract. If the `SendParam` struct is passed in by users, they can add any field, including compose data, to the message. Then, on the destination chain, the `_lzReceive` function blocks messages with compose options in them.

Vulnerability Details:

Present in the `_lzReceive` function:

```solidity
if (_message.isComposed()) { revert CannotCompose(); }
```

This means that users who call the `send` function with the compose option will not receive TGLD tokens on the destination chain.

Impact:

A user's token transfer to the destination chain cannot work, depending on the parameter, which causes loss of funds for users.

Tools Used:

Manual, Foundry

Recommendations:

- Verify that required fields are populated.
- Ensure that the message format adheres to the expected structure for the `_lzReceive` function.
- In the `send` function, if `_sendParam` includes the compose option, it should revert.
- Even better, the `send` function should take only mandatory fields from users, such as the amount to send, and construct `SendParam` itself rather than receiving it as a whole from the user.
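
A sketch of the send-side guard described in the recommendation, added here as an illustration; it is not part of the submission or TempleGold's code. The reduced `SendParam`, the 40-byte header layout and the contract and function names are assumptions modeled on LayerZero's OFT message format.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration only. Simplified model of an OFT-style message:
/// 32-byte recipient, 8-byte amount, then an optional compose payload.
contract ComposeGuardSketch {
    error CannotCompose();

    // Field names follow LayerZero's SendParam; only the fields used here are kept.
    struct SendParam {
        uint32 dstEid;
        bytes32 to;
        uint256 amountLD;
        bytes composeMsg;
    }

    // 32 bytes (to) + 8 bytes (amount); assumed header layout.
    uint256 private constant HEADER_LEN = 40;

    // Source side with the guard: compose data is rejected before anything is sent,
    // so the transaction fails on the source chain instead of on the destination.
    function buildMessage(SendParam calldata p) public pure returns (bytes memory) {
        if (p.composeMsg.length > 0) revert CannotCompose();
        // Real OFTs convert decimals first; the amount is simply narrowed here.
        return abi.encodePacked(p.to, uint64(p.amountLD));
    }

    // Source side without the guard: compose data is appended after the header.
    function buildMessageUnguarded(SendParam calldata p) public view returns (bytes memory) {
        bytes memory header = abi.encodePacked(p.to, uint64(p.amountLD));
        if (p.composeMsg.length == 0) return header;
        bytes32 composeFrom = bytes32(uint256(uint160(msg.sender)));
        return abi.encodePacked(header, composeFrom, p.composeMsg);
    }

    // Destination side: the same kind of check as the `_lzReceive` line quoted above.
    // Any message longer than the header is treated as composed and reverts.
    function receiveMessage(bytes calldata message)
        external
        pure
        returns (bytes32 to, uint64 amount)
    {
        if (message.length > HEADER_LEN) revert CannotCompose();
        to = bytes32(message[:32]);
        amount = uint64(bytes8(message[32:40]));
    }
}
```

Passing the output of `buildMessageUnguarded` with a non-empty `composeMsg` to `receiveMessage` reverts with `CannotCompose`, while `buildMessage` rejects the same input before a message is produced.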

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice

Appeal created

0xdhanraj30 Submitter
about 1 year ago
inallhonesty Lead Judge
about 1 year ago
inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice
