Sablier Flow
Foundry, DeFi
20,000 USDC
Submission Details
Severity: high
Status: Invalid

Potential signature replay attack due to a missing nonce parameter (a value that must be used only once).

Summary

The SablierFlow::withdraw function has no nonce parameter, the value that ensures a signature, and the transaction it authorizes, can only be used once.

Vulnerability Details

The function as currently written, without a nonce:

    function withdraw(
        uint256 streamId,
        address to,
        uint128 amount
    )
        external
        override
        noDelegateCall
        notNull(streamId)
        updateMetadata(streamId)
        returns (uint128 withdrawnAmount, uint128 protocolFeeAmount)
    {
        // Checks, Effects, and Interactions: make the withdrawal.
        (withdrawnAmount, protocolFeeAmount) = _withdraw(streamId, to, amount);
    }

Impact

Without a nonce in the withdraw function, an attacker can drain a user by re-submitting a signature that was already used on-chain for an earlier transaction, effectively reusing the user's own signature to steal their funds.

Tools Used

Manual review

Recommendations

Add a nonce parameter and check that it has not been used before (added lines are marked with +):

+   mapping(uint256 => bool) private _usedNonces;

    function withdraw(
        uint256 streamId,
        address to,
        uint128 amount,
+       uint256 nonce
    )
        external
        override
        noDelegateCall
        notNull(streamId)
        updateMetadata(streamId)
        returns (uint128 withdrawnAmount, uint128 protocolFeeAmount)
    {
+       require(!_usedNonces[nonce], "SablierFlow: Nonce already used");
+       _usedNonces[nonce] = true;
        // Checks, Effects, and Interactions: make the withdrawal.
        (withdrawnAmount, protocolFeeAmount) = _withdraw(streamId, to, amount);
    }
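As an added, stand-alone example (not Sablier's code), this contract shows what a nonce check of the kind recommended above needs in order to actually stop replay: the nonce must be part of the signed message, and it must be tracked per signer rather than in a single global mapping, otherwise anyone could consume another user's nonces without holding a signature. Contract, storage layout and function names are assumptions made for illustration only.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative contract (not Sablier code): a withdrawal authorized by an
/// off-chain signature from the stream recipient. The nonce is bound into the
/// signed digest and tracked per signer, so a captured signature cannot be
/// re-submitted and one user cannot burn another user's nonces.
contract SignedWithdrawExample {
    mapping(uint256 => address) public recipientOf;   // streamId => recipient
    mapping(uint256 => uint128) public balanceOf;     // streamId => withdrawable
    mapping(address => mapping(uint256 => bool)) public usedNonces; // signer => nonce => used

    error InvalidSignature();
    error NonceAlreadyUsed(address signer, uint256 nonce);
    error InsufficientBalance();

    constructor(uint256 streamId, address recipient, uint128 balance) {
        recipientOf[streamId] = recipient;   // constructed sample stream
        balanceOf[streamId] = balance;
    }

    /// Digest the recipient signs. address(this) and chainid prevent the same
    /// signature being replayed against another deployment or another chain.
    function withdrawDigest(uint256 streamId, address to, uint128 amount, uint256 nonce)
        public view returns (bytes32)
    {
        bytes32 inner = keccak256(abi.encode(address(this), block.chainid, streamId, to, amount, nonce));
        // EIP-191 personal_sign prefix, as produced by wallet signing of a 32-byte hash.
        return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", inner));
    }

    function withdrawWithSig(
        uint256 streamId, address to, uint128 amount, uint256 nonce,
        uint8 v, bytes32 r, bytes32 s
    ) external returns (uint128) {
        address signer = recipientOf[streamId];
        // Checks: the nonce must be fresh for this signer. Because the nonce is
        // consumed, even a malleable (v, s') variant of the signature cannot replay.
        if (usedNonces[signer][nonce]) revert NonceAlreadyUsed(signer, nonce);
        bytes32 digest = withdrawDigest(streamId, to, amount, nonce);
        if (ecrecover(digest, v, r, s) != signer) revert InvalidSignature();
        if (balanceOf[streamId] < amount) revert InsufficientBalance();
        // Effects: record the nonce and debit before any external interaction.
        usedNonces[signer][nonce] = true;
        balanceOf[streamId] -= amount;
        // Interactions: the token transfer to `to` would follow here.
        return amount;
    }
}
```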

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality
