Message channels can be blocked due to not enforcing a minimal gas cost passed through LayerZero
Summary
Message channels can be blocked due to not enforcing a minimal gas cost passed through LayerZero
Vulnerability Details
A call to the destination chain through LayerZero requires a minimum amount of gas for the sending and the execution of the message. This is fully guaranteed by the protocol that integrates LayerZero and the message execution will revert if not enough gas is sent.
In TempleTeleporter::teleport(), a user needs to provide enough native fees to LayerZero as gas for the sending and the execution of the message sent. TempleTeleporter expects the user to get an estimation of it by calling the TempleTeleporter::quote()
However, a minimum native fees amount is not enforced, allowing anyone to call the call TempleTeleporter::teleport() by providing a low amount of native tokens. Thus blocking the channel for all the users and DOSing anyone who want to use this channel.
Impact
There's no mecanism in order to ensure that the fees are transferred from the sender and are sufficient for the message to be sent and executed well. Allowing channels to be blocked by anyone at low cost.
Tools Used
Manual review
Recommendations
Re-engineer the architecture to make theTempleTeleporter::quote() a mandatory step of the process.
Lead Judging Commences
Incorrect payload bytes in `quote()` they use `abi.encodePacked(_to, _amount)` instead of `abi.encodePacked(_to.addressToBytes32(), _amount)`
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.