Platform: Code4rena
Start Date: 26/05/2023
Pot Size: $100,000 USDC
Total HM: 0
Participants: 33
Period: 14 days
Judge: leastwood
Id: 241
League: ETH
Rank: 17/33
Findings: 1
Award: $813.40
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: rbserver
Also found by: 0x73696d616f, 0xTheC0der, 0xdeadbeef, 0xhacksmithh, Bauchibred, GalloDaSballo, KKat7531, Madalad, MohammedRizwan, Rolezn, SAAJ, SanketKogekar, Sathish9098, VictoryGod, brgltd, btk, codeslide, descharre, hunter_w3b, jauvany, kaveyjoe, ladboy233, nadin, niser93, shealtielanz, souilos, trysam2003, yongskiws
813.4016 USDC - $813.40
This L2 solution lacks a mechanism to recover funds on the source layer in case a message can never be (not even manually) relayed successfully on the destination layer; see CrossDomainMessenger.relayMessage(...). In this case, user tokens are stuck in the source layer's StandardBridge contract and ETH is stuck in the source layer's OptimismPortal.sol (in case of L1) or L2ToL1MessagePasser.sol (in case of L2). I recommend a mechanism that allows a message to be invalidated on the destination layer after a given time-out; this info is then relayed to the source layer and therefore allows the user to recover funds on the source layer. However, this is neither a vulnerability nor a bug per se; it's just a missing feature, and users of this L2 solution are at risk of losing funds without this feature in case of user error.
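The recovery flow recommended in the finding above, as an added toy model that is not part of the original submission or of the bridge's own code: it shows why the invalidation has to be recorded on the destination layer first, so that a refund on the source layer and a later successful relay can never both happen. The class names, the `TIMEOUT` value and the direct read of destination state (standing in for a relayed proof of invalidation) are assumptions.

```python
from dataclasses import dataclass, field

TIMEOUT = 14 * 24 * 3600  # assumed time-out in seconds; the page gives no value


@dataclass
class Destination:
    """Toy destination-layer messenger (hypothetical, not the real contract)."""
    relayed: set = field(default_factory=set)
    invalidated: set = field(default_factory=set)

    def relay(self, msg_id, call_succeeds):
        # An invalidated or already relayed message can never be relayed.
        if msg_id in self.invalidated or msg_id in self.relayed:
            return False
        if call_succeeds:
            self.relayed.add(msg_id)
        return call_succeeds

    def invalidate(self, msg_id, sent_at, now):
        # Only an unrelayed message older than the time-out can be invalidated.
        # (In a real design sent_at would be taken from the message itself.)
        if msg_id in self.relayed or now - sent_at < TIMEOUT:
            return False
        self.invalidated.add(msg_id)
        return True


@dataclass
class Source:
    """Toy source-layer bridge that escrows funds per message."""
    escrow: dict = field(default_factory=dict)  # msg_id -> (sender, amount, sent_at)

    def deposit(self, msg_id, sender, amount, now):
        self.escrow[msg_id] = (sender, amount, now)

    def refund(self, msg_id, dest):
        # Stand-in for verifying a relayed proof of invalidation.
        if msg_id not in dest.invalidated or msg_id not in self.escrow:
            return 0
        _sender, amount, _sent_at = self.escrow.pop(msg_id)  # pop: refund once only
        return amount


def run_scenario():
    """Constructed scenario: one deposit whose relay keeps failing."""
    src, dst = Source(), Destination()
    src.deposit("m1", "alice", 100, now=0)
    failed = dst.relay("m1", call_succeeds=False)
    early = dst.invalidate("m1", sent_at=0, now=TIMEOUT - 1)  # before time-out
    late = dst.invalidate("m1", sent_at=0, now=TIMEOUT)
    refunded = src.refund("m1", dst)
    again = src.refund("m1", dst)                  # second refund attempt
    replay = dst.relay("m1", call_succeeds=True)   # relay attempt after refund
    return failed, early, late, refunded, again, replay
```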
#0 - 0xleastwood
2023-06-16T13:51:41Z
Not sure about this so I will defer to the Base protocol team for now.
#1 - c4-judge
2023-06-16T13:51:46Z
0xleastwood marked the issue as grade-b