Project
One World
NFTDeFi
15,000 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

Lack of Fallback Mechanism in call

hackz

Summary

The executeMetaTransaction function in NativeMetaTransaction.sol lacks a robust fallback mechanism when using the call function. If the call fails, it reverts without a detailed error message, which could complicate debugging and obscure the reason for failure.

Finding Description

The executeMetaTransaction function performs a low-level call to the contract itself using address(this).call. While this is a common practice, the lack of specific error handling or fallback mechanisms in this call can lead to unclear reverts. When the call fails—due to reasons such as insufficient balance or excessive gas consumption—there is no specific error message provided, resulting in a general failure message that does not aid debugging.

This breaks the security guarantee of clear error handling, potentially reducing the ability to pinpoint or resolve the underlying issue in a production environment. A malicious or poorly constructed transaction could be propagated through the system, leading to a failure with no insight into the failure’s origin.

Vulnerability Details

The call function in executeMetaTransaction does not handle errors beyond the success/failure check. If the call fails, the transaction reverts with a generic "Function call not successful" error, providing no information on the underlying reason, which could be due to:

  • Insufficient funds in the contract balance for a value transfer.

  • High gas consumption for a complex function.

  • Compatibility issues with the called function’s structure.

This lack of a detailed error message hinders developers and users in diagnosing the issue, especially in a production environment.

Impact

The impact is medium because, while it doesn’t directly lead to a security vulnerability, it reduces transparency and debugging ease. Detailed error messages are essential for contract reliability and user confidence, particularly in high-stakes applications involving financial transactions.

Proof of Concept

To reproduce this issue, consider a scenario where:

  1. The contract’s balance is insufficient for a function requiring a value transfer.

  2. A complex function is invoked with a high gas requirement, causing call to fail due to gas limitations.

In either case, the transaction would revert with a generic error, lacking specific details on why it failed.

Example:

(bool success, bytes memory returnData) = address(this).call{value: msg.value}(
abi.encodePacked(functionSignature, userAddress)
);
require(success, "Function call not successful");

Recommendations

  1. Add detailed error handling using returnData to capture the specific revert reason, if available. This can be done by checking if returnData contains an error message and emitting it if the call fails.

Suggested Fix

Modify the executeMetaTransaction function as follows:

(bool success, bytes memory returnData) = address(this).call{value: msg.value}(
abi.encodePacked(functionSignature, userAddress)
);
if (!success) {
// Decode and bubble up any revert reason from the call
if (returnData.length > 0) {
// Bubble up the revert reason
assembly {
let returndata_size := mload(returnData)
revert(add(32, returnData), returndata_size)
}
} else {
revert("Function call not successful: Unknown error");
}
}

This change allows any error message from returnData to be propagated back to the caller, making it easier to diagnose the underlying cause of the failure.

File Location

NativeMetaTransaction.sol

Updates

Lead Judging Commences

0xbrivan2 Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.