Project

One World
NFTDeFi
15,000 USDC
Submission Details
Severity: low
Valid

Missing Deadline in Meta-Transaction Can Result in Uncontrolled Transaction Execution and Potential Exploits

Summary

The NativeMetaTransaction.sol contract lacks a deadline parameter for signed meta-transactions. Without this deadline, signed transactions do not expire and may be executed even after the user no longer intends for them to be, potentially causing unintended actions.

Vulnerability Details

In the NativeMetaTransaction.sol contract, users sign transactions that relayers can execute on their behalf. However, the contract does not include a deadline parameter in the MetaTransaction struct or check for a time limit in the executeMetaTransaction function.

    struct MetaTransaction {
        uint256 nonce;
        address from;
        bytes functionSignature;
    }

    function executeMetaTransaction(
        address userAddress,
        bytes memory functionSignature,
        bytes32 sigR,
        bytes32 sigS,
        uint8 sigV
    ) public payable returns (bytes memory) {
        MetaTransaction memory metaTx = MetaTransaction({
            nonce: nonces[userAddress],
            from: userAddress,
            functionSignature: functionSignature
        });
        require(
            verify(userAddress, metaTx, sigR, sigS, sigV),
            "Signer and signature do not match"
        );
        // increase nonce for user (to avoid re-use)
        nonces[userAddress] = nonces[userAddress] + 1;
        emit MetaTransactionExecuted(
            userAddress,
            msg.sender,
            functionSignature,
            hashMetaTransaction(metaTx)
        );
        // Append userAddress and relayer address at the end to extract it from calling context
        (bool success, bytes memory returnData) = address(this).call{value: msg.value}(
            abi.encodePacked(functionSignature, userAddress)
        );
        require(success, "Function call not successful");
        return returnData;
    }

Without a deadline, a signed transaction can be executed by a relayer at any time, even if the user’s intent or conditions have changed. For example, if Alice signs a transaction intending it to be executed immediately, the relayer could store and execute it much later when conditions differ or if Alice’s account status has changed.

This lack of expiration time introduces the risk of:

  • Delayed execution: a malicious relayer could delay the execution of a signed transaction and submit it even when it is no longer desired by the user.

  • Unexpected user actions: if a transaction is executed when the user no longer intends to proceed, it can harm that user, for example through financial loss.

Impact

Without a deadline, signed transactions may be vulnerable to unintended execution, creating security and usability risks.

Tools Used

VSCode

Recommendations

Include a deadline parameter in the MetaTransaction struct and require that the transaction is executed only if block.timestamp <= deadline.
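
The recommendation above, sketched as an added example (not the project's code or the audited contract's own fix). The contract name, EIP-712 domain fields, type string and revert message are assumptions, and the MetaTransactionExecuted event is omitted for brevity. The point it shows is that the deadline has to be part of the signed struct hash, otherwise a relayer could supply any deadline it likes.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
contract DeadlineMetaTransaction {
    // Assumed type string: the deadline is covered by the user's signature.
    bytes32 private constant META_TRANSACTION_TYPEHASH = keccak256(
        "MetaTransaction(uint256 nonce,address from,bytes functionSignature,uint256 deadline)"
    );
    bytes32 private immutable domainSeparator; // assumed minimal EIP-712 domain
    mapping(address => uint256) public nonces;
    struct MetaTransaction {
        uint256 nonce;
        address from;
        bytes functionSignature;
        uint256 deadline; // unix timestamp after which the signature is void
    }

    constructor() {
        domainSeparator = keccak256(abi.encode(
            keccak256("EIP712Domain(string name,uint256 chainId,address verifyingContract)"),
            keccak256("DeadlineMetaTransaction"), block.chainid, address(this)));
    }

    function hashMetaTransaction(MetaTransaction memory metaTx) internal pure returns (bytes32) {
        // Dynamic bytes are hashed first, as EIP-712 requires.
        return keccak256(abi.encode(META_TRANSACTION_TYPEHASH, metaTx.nonce, metaTx.from,
            keccak256(metaTx.functionSignature), metaTx.deadline));
    }

    function executeMetaTransaction(
        address userAddress, bytes memory functionSignature, uint256 deadline,
        bytes32 sigR, bytes32 sigS, uint8 sigV
    ) public payable returns (bytes memory) {
        // Reject stale signatures before doing any other work.
        require(block.timestamp <= deadline, "Meta-transaction expired");
        MetaTransaction memory metaTx = MetaTransaction({
            nonce: nonces[userAddress], from: userAddress,
            functionSignature: functionSignature, deadline: deadline
        });
        bytes32 digest = keccak256(
            abi.encodePacked("\x19\x01", domainSeparator, hashMetaTransaction(metaTx)));
        address signer = ecrecover(digest, sigV, sigR, sigS);
        // A relayer that alters the deadline changes the digest, so recovery fails here.
        require(signer != address(0) && signer == userAddress, "Signer and signature do not match");
        nonces[userAddress] = nonces[userAddress] + 1; // one-time use, as in the original
        (bool success, bytes memory returnData) = address(this).call{value: msg.value}(
            abi.encodePacked(functionSignature, userAddress));
        require(success, "Function call not successful");
        return returnData;
    }
}
```

Clients that build the typed data for signing must add the deadline field to the same type string, or every signature will fail verification.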

Updates

Lead Judging Commences

0xbrivan2 Lead Judge
8 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Missing deadline in meta transactions

Appeal created
