Part 2

Zaros
Perpetuals DEX / Foundry / Solidity
70,000 USDC
Submission Details
Severity: high
Invalid

Offchain Order Replay via Stale Nonce Mismanagement

Summary

The contract relies on a nonce-based system to prevent replay attacks for offchain orders.
However, if a trader signs an order but does not update their nonce, an attacker with access to the signed order can resubmit it at a later time, forcing unintended trade executions.

While the contract correctly verifies the nonce, the issue arises on the client side if the trader fails to issue another order that increases their nonce. Since the nonce remains valid, an attacker can replay the order without the trader's consent, leading to potential financial loss.

Vulnerability Details

  1. A trader signs an offchain order to buy/sell a perp position but does not execute it immediately.

  2. The signed order is leaked or intercepted (e.g., by a compromised frontend, phishing attack, or exposed logs).

  3. The trader does not place another order, meaning their nonce remains the same.

  4. The attacker submits the old signed order to the contract, and because the nonce is still valid, it gets executed without the trader's consent.

Impact

  • The attacker can force a trader into a previously signed trade, potentially liquidating their position or causing an unintended market move.

  • Easy to Exploit: If an attacker obtains a valid signed order (e.g., through leaks, phishing, or client-side vulnerabilities), they can execute it at any time as long as the nonce remains unchanged.

  • Since the contract does not enforce nonce incrementation at the time of signing, this issue must be handled at the offchain system level.

Tools Used

Manual review, testing, previous attack reports.

Recommendations

Suggested Fixes

  1. Force a nonce increment immediately upon signing, ensuring that the nonce is updated on the backend even if the order is never executed.
    This prevents attackers from reusing old signatures.

  2. Require a timestamp and enforce expiration, for example by introducing a validUntil field in the offchain order.

  3. Introduce a commit-reveal mechanism.
    Instead of revealing the full order and nonce, users could first commit to an order hash.
    The actual order is revealed and executed in a later transaction, making it harder to replay.
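To make the scenario from Vulnerability Details and the validUntil fix from the recommendations concrete, the following added model (not Zaros code; the order fields, the trader address and the HMAC stand-in for the real ECDSA signature are all constructed for this example) replays a leaked order against a verifier that checks the nonce exactly and, optionally, a validUntil deadline:

```python
import hashlib
import hmac
import json

# Constructed stand-in for the trader's signing key. The real system would use
# an ECDSA/EIP-712 signature over the order hash; HMAC keeps this model offline.
TRADER_KEY = b"trader-secret-key-for-demo"

def sign_order(order: dict, key: bytes = TRADER_KEY) -> str:
    """Sign a canonical encoding of all order fields (nonce and validUntil included)."""
    payload = json.dumps(order, sort_keys=True).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()

class OrderVerifier:
    """Models the contract-side checks: signature, exact nonce match and,
    when enforce_expiry is set, the validUntil deadline suggested in the report."""
    def __init__(self, enforce_expiry: bool):
        self.enforce_expiry = enforce_expiry
        self.next_nonce = {}  # trader -> next nonce the contract will accept

    def execute(self, order: dict, signature: str, now: int) -> str:
        if not hmac.compare_digest(sign_order(order), signature):
            return "rejected: bad signature"
        if order["nonce"] != self.next_nonce.get(order["trader"], 0):
            return "rejected: stale nonce"
        if self.enforce_expiry and now > order["validUntil"]:
            return "rejected: expired"
        self.next_nonce[order["trader"]] = order["nonce"] + 1
        return "executed"

def leaked_order_scenario(enforce_expiry: bool) -> str:
    """Trader signs at t=1000 with a 10 minute validUntil and never submits;
    the leaked order is submitted by someone else a day later."""
    verifier = OrderVerifier(enforce_expiry)
    order = {"trader": "0xTRADER", "market": "ETH-PERP", "size": 5,
             "side": "long", "nonce": 0, "validUntil": 1000 + 600}
    sig = sign_order(order)
    return verifier.execute(order, sig, now=1000 + 86400)

def nonce_bump_scenario() -> tuple:
    """A later order from the trader consumes the nonce, so the stale one is rejected."""
    verifier = OrderVerifier(enforce_expiry=False)
    stale = {"trader": "0xTRADER", "market": "ETH-PERP", "size": 5,
             "side": "long", "nonce": 0, "validUntil": 1600}
    fresh = dict(stale, size=1, side="short")
    first = verifier.execute(fresh, sign_order(fresh), now=2000)
    second = verifier.execute(stale, sign_order(stale), now=90000)
    return first, second

if __name__ == "__main__":
    print("no expiry :", leaked_order_scenario(False))  # executed
    print("validUntil:", leaked_order_scenario(True))   # rejected: expired
    print("nonce bump:", nonce_bump_scenario())
```

Without the deadline the day-old order still executes because the nonce was never consumed; with validUntil in the signed payload the same leaked order is rejected, and any later order from the trader also invalidates it by consuming the nonce.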

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope
