TempleGold
TempleDAO
Foundry
25,000 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

No min gas limit check in teleport

0xtheblackpanther

GitHub
https://github.com/Cyfrin/2024-07-templegold/blob/6c3980a0486c01114d0ef1281df188b6c01991e6/protocol/contracts/templegold/TempleTeleporter.sol#L43-L58

Summary

The protocol assumes that users will always specify the correct amount of gas when sending cross-chain tokens. However, there is nothing that enforces this, meaning tokens can be sent with insufficient gas. This can cause the transaction to fail outside of the function, and the current code has no implementation for storing failed transactions or retrying the token teleportation. This will block the communication channel between the two chains. As a result, users won't be able to mint tokens on the destination chain (e.g., Arbitrum), as the channel is blocked.

Impact

If any subsequent tokens are sent to the destination chain while the cross-chain communication is blocked, the nonces will become out of sync, permanently blocking the channel between the two chains.

Recommendation

We recommend enforcing a minGasLimitForChain, which ensures that a minimum amount of gas is sent with each transaction. This will prevent insufficient gas issues and maintain the integrity of cross-chain communication.

Updates

Lead Judging Commences

inallhonesty Lead Judge
11 months ago
inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

0xtheblackpanther Submitter
11 months ago
inallhonesty Lead Judge
11 months ago
inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.