Era

ZKsync

FoundryLayer 2

500,000 USDC

View results

Previous Next

Submission Details

Severity: low

Valid

Messages sent from L2 to L1 does not constrain the receiver chain which can lead to replaying in L1 and GW

draiakoo

Summary

Sending messages from an L2 when it is settled to the GW can be proven in the GW and L1 which can lead to message double spending

Vulnerability Details

When a user on L2 sends a message or a base token withdrawal, the sendToL1 function is executed on the L1Messenger:

function sendToL1(bytes calldata _message) external override returns (bytes32 hash) {

uint256 gasBeforeMessageHashing = gasleft();

hash = EfficientCall.keccak(_message);

uint256 gasSpentOnMessageHashing = gasBeforeMessageHashing - gasleft();

/// Store message record

chainedMessagesHash = keccak256(abi.encode(chainedMessagesHash, hash));

/// Store log record

L2ToL1Log memory l2ToL1Log = L2ToL1Log({

l2ShardId: 0,

isService: true,

txNumberInBlock: SYSTEM_CONTEXT_CONTRACT.txNumberInBlock(),

sender: address(this),

key: bytes32(uint256(uint160(msg.sender))),

value: hash

});

_processL2ToL1Log(l2ToL1Log);

...

emit L1MessageSent(msg.sender, hash, _message);

}

In this function it chains the total messages during the batch and then it will be sent by the bootloader at the end so it can be proved in other chains.
The problem is that it does not constrain which chain should consume this message. In this case, if the L2 is settled in the GW, a user could prove the inclusion of his message in both GW and L1 chains. This can be really problematic because for base token withdrawals, the user will be able ot receive tokens in both chains.

Impact

High, users can prove the inclusion of the same message in both chains that can lead to double spending withdrawals

Tools Used

Manual review

Recommendations

It does not have a trivial solution, but messages should include a chainId representing which chain should be able to consume the message.

Updates

Lead Judging Commences

inallhonesty Lead Judge

5 months ago

inallhonesty Lead Judge 5 months ago

Submission Judgement Published

Invalidated

Reason: Design choice

Appeal created

draiakoo Submitter

5 months ago

inallhonesty Lead Judge

5 months ago

inallhonesty Lead Judge 5 months ago

Submission Judgement Published

Validated

Assigned finding tags:

Messages sent from L2 to L1 does not constrain the receiver chain which can lead to replaying in L1 and GW

Prize pool breakdown

Total prize

500,000 USDC

nSLOC

15,741

32 USDC / LOC

High Medium

475,000 USDC

Low

25,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.