Project

One World
NFT, DeFi
15,000 USDC
Submission Details
Severity: low
Invalid

Report on the NativeMetaTransaction::executeMetaTransaction Payable Modifier and msg.value Forwarding

Summary

In the NativeMetaTransaction contract, the executeMetaTransaction function is currently marked as payable, allowing it to accept native tokens (msg.value). While recent updates have addressed concerns regarding the potential for native tokens to become locked, retaining the payable modifier may still lead to unintended behaviors and a lack of clarity about the function’s intent.

Vulnerability Details

In earlier contract versions, the executeMetaTransaction function was marked payable but did not forward msg.value to any subsequent low-level calls. This created the potential for any native tokens sent as part of a transaction to become irretrievably locked within the contract. The recent update addresses this risk by forwarding msg.value with the low-level call. While forwarding msg.value prevents tokens from becoming stuck, the payable modifier remains unnecessary in this function, as the core purpose of executeMetaTransaction does not inherently involve handling native tokens.

Impact

Marking the function as payable may signal to users that sending native tokens is a required or expected part of using executeMetaTransaction. This is misleading since the function’s primary role does not depend on token transfers.

Tools Used

Manual analysis

Recommendations

Removing the payable modifier from executeMetaTransaction would ensure that users cannot inadvertently send native tokens, aligning the function’s usage with its intent.
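The three behaviours the report compares, side by side, as an added sketch that is not the project's code: the contract name, function names and the `address(this)` call target are assumptions, and signature and nonce verification are left out to isolate how msg.value is handled.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative sketch only. A real meta-transaction entry point must verify
// the user's signature and nonce before making the inner call.
contract MetaTxValueSketch {
    event Received(uint256 amount);

    // Hypothetical payable target so the forwarding variant has something to call.
    function payableTarget() external payable {
        emit Received(msg.value);
    }

    // Earlier behaviour described in the report: payable, but the inner call
    // carries no value, so any native tokens sent remain in this contract.
    function executeLocking(address user, bytes memory fnSig)
        public payable returns (bytes memory)
    {
        (bool ok, bytes memory ret) =
            address(this).call(abi.encodePacked(fnSig, user));
        require(ok, "inner call failed");
        return ret;
    }

    // Updated behaviour: msg.value travels with the low-level call.
    // The inner call reverts if the target function is not payable.
    function executeForwarding(address user, bytes memory fnSig)
        public payable returns (bytes memory)
    {
        (bool ok, bytes memory ret) =
            address(this).call{value: msg.value}(abi.encodePacked(fnSig, user));
        require(ok, "inner call failed");
        return ret;
    }

    // The report's recommendation: without payable, the compiler-generated
    // check reverts any call that carries msg.value > 0. Relayed calls can
    // then no longer pass value to payable targets.
    function executeNonPayable(address user, bytes memory fnSig)
        public returns (bytes memory)
    {
        (bool ok, bytes memory ret) =
            address(this).call(abi.encodePacked(fnSig, user));
        require(ok, "inner call failed");
        return ret;
    }
}
```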

Updates

Lead Judging Commences

0xbrivan2 Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
