Closed code423n4 closed 2 years ago
In this case only single SKALE chain <> Ethereum connection will be affected. Other chains still will be able to send messages.
In addition to this not everyone can send messages via IMA. SKALE chain owner explicitly whitelist entities that are allowed to send messages and it can ensure that a receiver is not a malicious smart contract. By default only TokenManager
s and DepositBox
s smart contracts are used and they cover needs of majority of developers. Obviously extending of IMA functionality is more dangerous than using out of the box functionality.
While I agree with the warden that a griefing destinationContract
could be set to cause reverts, and that those reverts would be try/catched, I don't believe that any meaningful disruption has been proven in this finding.
Ultimately if the 16*2/3 validators sign a message that will cause this, they would ultimately achieve their self-determined goal of having some transaction revert.
I believe a different argument for the bridge being custodial (which has been made) can be brought up, however this is not the case for this finding.
I believe the finding to be valid but it's impact to be minimal, I think Low Severity to be more appropriate
Lines of code
https://github.com/skalenetwork/ima-c4-audit/blob/main/contracts/MessageProxy.sol#L415-L449 https://github.com/skalenetwork/ima-c4-audit/blob/main/contracts/mainnet/MessageProxyForMainnet.sol#L235-L250
Vulnerability details
Impact
In the function
_callReceiverContract()
if a maliciousdestinationContract
is set which does not return anaddress
then the transaction will revert.The
try-catch
statement seen in the code snippet below for the function_callReceiverContract()
hasreturns (address receiver)
. Solidity will then performabi.decode(returndata, (address))
on the return data ofpostMessage()
assuming the function does not revert (i.e. is successful).However, this poses a threat to the system as
abi.decode()
will revert if there are insufficient bytes to decode into anaddress
i.e. ifreturndata
is less than 20 bytes. Since a maliciousdestinationContract
has control over the size of thereturndata
they could send less than 20 bytes which would cause_callReceiverContract()
to revert.The impact of
_callReceiverContract()
reverting is thepostIncomingMessages()
would revert for that SChain. Therefore the bridge will still since no incoming messages could be processed.Proof of Concept
MessageProxyForMainnet.sol
MessageProxyForSchain.sol
Recommended Mitigation Steps
Consider removing the
else
statement inMessageProxyForMainnet.sol
seen in the snippet below. This would prevent processing messages where thedesitantionContract
is not registered by the protocol.