Platform: Code4rena
Start Date: 26/08/2021
Pot Size: $100,000 USDC
Total HM: 8
Participants: 13
Period: 14 days
Judge: Albert Chon
Total Solo HM: 7
Id: 27
League: COSMOS
Rank: 7/13
Findings: 1
Award: $1,694.66
Selected for report: 1
Solo Findings: 0
285.3805 USDC - $285.38
0xito
The `verifysig` function is vulnerable to signature modifications.
One can take an existing signature and derive a second signature from it.
"The `ecrecover` EVM opcode allows for malleable (non-unique) signatures: this function rejects them by requiring the `s` value to be in the lower half order, and the `v` value to be either 27 or 28." - OpenZeppelin
The impact should be low because replay attacks with a different signature are not useful for this protocol.
#0 - jkilpatr
2021-09-10T15:30:48Z
duplicate of #61
#1 - albertchon
2021-09-23T13:27:28Z
Selected for report: 0xito
Also found by: ElliotFriedman
704.6432 USDC - $704.64
0xito
An attacker can send a logic call that performs a `token.approve(attackerAddress, type(uint256).max)` using the `submitLogicCall` function.
Afterwards, they can steal all tokens from the bridge using `token.safetransferfrom(bridge, attacker, amount)`.
`submitLogicCall` with `token.approve(attackerAddress, type(uint256).max)`
`token.safetransferfrom(bridge, attacker, amount)`
Disallow calls to the bridge contract, or to any token/NFT contracts that the bridge owns tokens of (`token.balanceOf(address(this)) > 0`).
#0 - jkilpatr
2021-09-10T15:21:17Z
I would classify this as low risk at most. Arbitrary logic calls can only be triggered by the Cosmos module itself with full consensus, the ability of arbitrary logic to do unknown dangerous things is the design intent and any call actually deployed would have to have the utmost inspection before being used.
duplicate of #1
#1 - albertchon
2021-09-23T13:39:17Z
Agreed on the low risk classification. Perhaps the trust assumptions of the model should've been made more clear.
Duplicate of https://github.com/code-423n4/2021-08-gravitybridge-findings/issues/1
#2 - jkilpatr
2021-09-26T13:14:25Z
I agree, arbitrary logic could be better documented. But it's also very clear in the existing code that there's no way to create arbitrary logic transactions as a user.
#3 - loudoguno
2021-10-01T03:48:09Z
reopening as per judge's assessment as "primary issue" on findings sheet
0xito
When `submitbatch` is called with a `_batchnonce` of the maximum unsigned number (`type(uint256).max`), all future calls will fail due to this check:
require(state_lastBatchNonces[_tokenContract] /* = type(uint256).max */ < _batchNonce, "...");
No batches can be submitted again but are still accepted on the cosmos side.
The same issue exists for `submitLogicCall` and setting `args.invalidationNonce = type(uint256).max`.
The nonces should not be arbitrary; ideally, they are the previous nonce + 1, or within a range of the previous nonce.
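The recommendation above as an added Solidity sketch (not code from the report or from the Gravity contract): the check quoted in the finding beside a bounded variant. `NonceGuard`, `MAX_NONCE_JUMP`, its value, the revert strings and both function names are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Illustrative model only. NonceGuard, MAX_NONCE_JUMP and the function names
// are assumptions for this example, not the bridge's own code.
contract NonceGuard {
    // Assumed upper bound on how far a single submission may advance the nonce.
    uint256 public constant MAX_NONCE_JUMP = 1000000;

    // Last accepted batch nonce per token contract, as in the quoted check.
    mapping(address => uint256) public state_lastBatchNonces;

    // Check as quoted in the finding: any larger nonce is accepted, so
    // type(uint256).max is accepted once and no later nonce can exceed it.
    function acceptUnbounded(address _tokenContract, uint256 _batchNonce) external {
        require(
            state_lastBatchNonces[_tokenContract] < _batchNonce,
            "nonce must increase"
        );
        state_lastBatchNonces[_tokenContract] = _batchNonce;
    }

    // Bounded variant following the recommendation: the nonce must move
    // forward, but only within a window of the previous value.
    function acceptBounded(address _tokenContract, uint256 _batchNonce) external {
        uint256 last = state_lastBatchNonces[_tokenContract];
        require(_batchNonce > last, "nonce must increase");
        // The subtraction cannot underflow after the check above, and it avoids
        // the overflow that `last + MAX_NONCE_JUMP` would hit near the top of
        // the uint256 range.
        require(_batchNonce - last <= MAX_NONCE_JUMP, "nonce jumps too far ahead");
        state_lastBatchNonces[_tokenContract] = _batchNonce;
    }
}
```

The window size is a design choice: it has to cover any nonce gap the Cosmos side can legitimately produce, otherwise valid batches would be rejected.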
#0 - jkilpatr
2021-09-10T15:23:05Z
duplicate of #32
I'm fine with a high risk classification here. There's a meaningful risk of just screwing this state up by accident.
#1 - albertchon
2021-09-23T13:37:08Z
I think this deserves a low risk categorization, as it's a duplicate of https://github.com/code-423n4/2021-08-gravitybridge-findings/issues/24