Specific Security Recommendations for Protocols on Linea in Relation to Issue #17

[piotrammain]

This discussion addresses potential security vulnerabilities within Linea's ecosystem arising from the existing blacklisting asymmetry introduced by USDC (as detailed in issue #17). It also assesses the security implications of introducing Native USDC and proposes recommendations for mitigating these risks.

Attack Vectors due to Blacklisted USDC Addresses

Blacklisted addresses for popular ERC20 tokens, like USDC, can be used to exploit in several ways within perpetual protocols on Linea.

• Exploiting Unexpected Edge Cases: Unlike Ether transfers, which can fail due to missing functions or malicious reverts, ERC20 transfers are generally expected to succeed. This creates a vulnerability if the receiving address for an ERC20 transfer is blacklisted for that specific token, causing the transfer to revert.

• Hindering Timely Liquidations: In protocols requiring timely position liquidation to minimize insolvency risk, blacklisted addresses can impede the process. When a liquidation function attempts to return collateral to a blacklisted address after closing a position, the transfer will revert, potentially causing the liquidation to fail entirely. This can lead to bad debt accumulation (or risk-free trades in perpetuals) and an inability for the protocol to cover user losses.

Impact on Different Protocol Types

This vulnerability can affect various protocols on Linea, including:

• Lending/Borrowing Protocols
• Perpetual or Options Protocols
• Any Protocol with Liquidation Functionality

These protocols are susceptible if they utilize token transfers to arbitrary addresses or user accounts and if the transferred token has blacklist functionality. If a liquidation requires transferring a blacklisted token to a blacklisted address, the transaction will revert, hindering the liquidation process.

Recommendations

• Exercise Caution with Blacklistable Tokens: When adding new markets, exercise extreme caution with tokens that incorporate deny lists. Consider implementing checks to identify blacklisted users and restrict their access to relevant markets.

• Security Considerations for Native USDC: Introducing Native USDC on Linea poses additional security challenges due to the potential for an even greater attack surface. The blacklisting asymmetry between USDC on mainnet, Linea, USDC.e on Linea, and other chains (including 15 additional chains with potential USDC variations) can significantly increase vulnerabilities. Liquidation functions and other security concerns raised in this issue necessitate careful consideration of cross-chain vulnerabilities. Protocols built on Linea may need to implement stricter controls on accepting USDC collateral for specific addresses and potentially restrict interactions with certain addresses altogether.

Cross-Chain Transfer Protocol (CCTP) and Potential Impact on Existing Bridged USDC

Description:

This issue explores the potential interaction between the Cross-Chain Transfer Protocol (CCTP) and existing bridged forms of USDC. While Circle's documentation suggests no direct impact (https://developers.circle.com/), this requires further discussion in the context of composability within DeFi smart contracts.

Current Bridging Mechanisms:

• Lock-and-Mint Bridges: These applications lock native USDC in a smart contract on the source chain and mint a synthetic or bridged USDC on the destination chain. This process introduces trust assumptions and can fragment liquidity, impacting user experience.

CCTP and its Benefits:

• Native Burning and Minting: CCTP facilitates secure USDC transfers between blockchains by burning native USDC on the source chain and minting an equivalent amount on the destination chain. This offers improved capital efficiency and unified liquidity.
• Enhanced Developer Experience: As a low-level primitive, CCTP can be integrated into existing bridges and applications to simplify cross-chain USDC functionality. (https://developers.circle.com/)

Potential Concerns:

• Cross-chain, Cross-USDC Vulnerabilities: Blacklisting asymmetries and other potential vulnerabilities associated with bridged USDC could be exacerbated if composability together with CCTP's and smart contracts' internal accounting creates new attack vectors.
• Handling Edge Cases: Different bridged USDC forms (USDC.e) require careful consideration to ensure all edge cases are addressed without introducing critical vulnerabilities in composable smart contracts.

Alternative Use Case:

• CCTP could be used by bridge providers for programmatic rebalancing of liquidity pools, reducing operational overhead.

Recommendations for Developers:

• Be mindful of potential internal accounting vulnerabilities when developing cross-chain applications.
• Leverage CCTP to build innovative cross-chain apps, but prioritize security and user experience by simplifying functionalities.

Discussion Points:

• How can CCTP be best integrated with existing bridge infrastructure to minimize security risks?
• What strategies can ensure proper handling of edge cases involving different bridged USDC forms?

Additional Notes:

• Circle's documentation on CCTP and bridged USDC is referenced for context. (https://developers.circle.com/

[whileunless]

The science of blacklisting. Consensys is good in taking money from people and censoring them. But to expect from them to dive into all this science of blacklisting - may not happen without throwing on them millions of fiat more.

[gregorio500]

Oof, the complexity of handling different USDC forms is giving me chills!

[piotrammain]

Oof, the complexity of handling different USDC forms is giving me chills!

To clarify some previous points:

The Circle documentation states, "CCTP, as a low-level primitive, can be embedded within any app or wallet—even existing bridges—to enhance and simplify the user experience for cross-chain use cases. With USDC circulating on a large number of blockchain networks, CCTP can connect and unify liquidity across disparate ecosystems where it's supported"(https://developers.circle.com/stablecoins/docs/cctp-getting-started).

However, cross-chain and cross-USDC vulnerabilities associated with, but not limited to, blacklisting asymmetry, should not create a situation where the internal accounting of smart contracts unifies liquidity by introducing new attack vectors. Significant differences exist between various USDC forms, such as USDC.e, and a well-considered approach is necessary to handle all edge cases without introducing critical vulnerabilities into composable smart contracts.

While Circle's documentation claims that "CCTP has no direct impact upon existing bridged forms of USDC" (https://developers.circle.com/stablecoins/docs/cctp-faq), it's crucial to emphasize that different USDC forms are not isolated; composability is the foundation of DeFi smart contract development. As previously mentioned, diverse cross-chain, cross-USDC scenarios, and various blacklisting asymmetries introduced by both native and bridged USDC exist. We might argue that development on top of this can still be composable, but only at the expense of security if developers are not vigilant about the potential dangers.