code-423n4 / 2021-08-gravitybridge-findings


validator set can be updated with same set #23

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

0xito

Vulnerability details

Impact

The validator set can be updated with the current set, which is already stored. This leads to ValsetUpdatedEvent being spammed to the backend.

Proof of Concept

Tools Used

Recommended Mitigation Steps

Add a check such that newCheckpoint != makeCheckpoint(_currentValset, state_gravityId).

jkilpatr commented 2 years ago

I'm afraid I don't follow how this spam attack would work. You can replay a validator set with the same content, but it needs a new nonce, at which point you're limited to submitting a new one when the Cosmos chain generates it.

albertchon commented 2 years ago

Agreed, I don't think this is an attack.

loudoguno commented 2 years ago

Reopening as per judges' assessment as "primary issue" on findings sheet.
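
A toy Python model of the update gate discussed in this thread, added here as an illustration and not taken from the Gravity contract or from any commenter. It assumes the checkpoint hash covers the nonce and that a "new" nonce means strictly greater; `Valset`, `BridgeModel`, `require_new_nonce` and the sample values are hypothetical. It shows which check rejects an exact replay, and that the same members under a new nonce yield a different checkpoint.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Valset:
    members: tuple   # ((address, power), ...)
    nonce: int

def make_checkpoint(valset, gravity_id):
    """Hash of the set. Assumption: the nonce is part of the hashed data.
    SHA-256 stands in for the contract's hash function."""
    h = hashlib.sha256(gravity_id.encode() + b"|checkpoint|")
    h.update(valset.nonce.to_bytes(32, "big"))
    for addr, power in valset.members:
        h.update(addr.encode() + power.to_bytes(32, "big"))
    return h.hexdigest()

class BridgeModel:
    """Toy model of the update gate; signature checks are out of scope."""
    def __init__(self, gravity_id, initial, require_new_nonce=True):
        self.gravity_id = gravity_id
        self.require_new_nonce = require_new_nonce
        self.nonce = initial.nonce
        self.checkpoint = make_checkpoint(initial, gravity_id)
        self.events = []

    def update_valset(self, new):
        if self.require_new_nonce and new.nonce <= self.nonce:
            return "rejected: nonce not new"
        new_checkpoint = make_checkpoint(new, self.gravity_id)
        if new_checkpoint == self.checkpoint:      # check proposed in the issue
            return "rejected: same checkpoint"
        self.nonce, self.checkpoint = new.nonce, new_checkpoint
        self.events.append(("ValsetUpdatedEvent", new.nonce))
        return "accepted"

def demo():
    members = (("0xaaa", 60), ("0xbbb", 40))       # constructed sample set
    current = Valset(members, nonce=7)
    same_members_new_nonce = Valset(members, nonce=8)
    strict = BridgeModel("gravity-test", current)
    loose = BridgeModel("gravity-test", current, require_new_nonce=False)
    return {
        "strict_exact_replay": strict.update_valset(current),
        "loose_exact_replay": loose.update_valset(current),
        "strict_new_nonce": strict.update_valset(same_members_new_nonce),
        "events": strict.events,
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```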