Open code423n4 opened 2 years ago
I'm afraid I don't follow how this spam attack would work. You can replay a validator set with the same content, but it needs a new nonce, at which point you're limited to submitting a new one when the Cosmos chain generates it.
Agreed, I don't think this is an attack.
reopening as per judges assessment as "primary issue" on findings sheet
Handle
0xito
Vulnerability details
Impact
the validator set can be updated with the current set which is already stored. this leads to
ValsetUpdatedEvent
being spammed to the backendProof of Concept
Tools Used
Recommended Mitigation Steps
add a check such that
newCheckpoint != makeCheckpoint(_currentValset, state_gravityId)
.