Minimal Error Messaging in Critical Require Statements
Description
In several parts of the contracts, require statements lack detailed error messages. For example, in V2’s _extractPeriodFromProof:
has no descriptive message.
Workflow Explanation
Proof Processing:
The verifier processes the state proof and callsVerifier.extractSlotValueFromProof.Slot Existence Check:
If the expected slot does not exist, the require statement reverts without a helpful error message.
Attack Path
Misconfiguration or Malicious Input:
If a state proof is missing the expected storage slot (either due to an error or a malicious attempt), the contract will revert with a generic error.Impact:
This does not directly allow an attacker to profit, but it hinders debugging, monitoring, and operational response. In a live system, ambiguous errors can delay the detection and mitigation of more severe issues.
Proof of Concept Outline
Test Case:
Submit a proof that deliberately omits the period slot.Observation:
The transaction reverts with a generic error, making it harder to diagnose the root cause without additional logging.
Mitigation Recommendation
-
Update require statements to include detailed error messages, e.g.:
require(slot.exists, "Period slot not found in state proof");
Lead Judging Commences
[invalid] finding-error-can-be-more-explicit
Informational, non-acceptable severity given it has arguably no security impact
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.