Zaros Part 1

Summary

The SettlementBranch::fillOffchainOrders function processes off-chain orders signed by traders. A keeper validates these signatures and, if valid, fills the orders for the specified market ID.

Vulnerability Details

The fillOffchainOrders function in the SettlementBranch contract processes multiple off-chain orders in a single transaction. If any order has an invalid signature, the entire transaction reverts. This can be exploited by a malicious user to cause a Denial of Service (DoS) attack, preventing the execution of valid off-chain orders.

Example Scenario:

A keeper submits a transaction to fill multiple off-chain orders for a specific market ID.
The transaction includes valid signatures for these orders.

A malicious user creates an off-chain order with an invalid signature.

The keeper submits this invalid order along with other legitimate orders.

Resulting Behavior:

The fillOffchainOrders function processes the orders sequentially.
When it encounters the invalid signature, it reverts the entire transaction.

As a result, none of the valid off-chain orders are processed.

Impact

Denial of Service: The legitimate transaction fails due to the invalid signature, preventing the execution of valid off-chain orders.

Operational Disruption: Repeated attacks can lead to significant disruptions in the settlement process, affecting the overall functionality and reliability of the contract.

Tools Used

Manual Review

Recommendations

To handle invalid signatures without reverting the entire transaction, use ECDSA.tryRecover and handle errors gracefully. This allows the function to skip invalid orders and continue processing the rest.