Closed code423n4 closed 2 years ago
Agreed, but here the miner executes a very costly transaction at a high gas price, only to be refunded for the costly transaction. The miner is not able to profit, but agreed is able to drain a user's wallet. Suggest 2-medium severity, as the attack is possible but is without any extractable incentive.
A native Oracle solution is already in-process, as shown in the code stub https://github.com/skalenetwork/ima-c4-audit/blob/11d6a6ae5bf16af552edd75183791375e501915f/contracts/schain/CommunityLocker.sol#L219-L223
Duplicate of #28
Dup of #28
Lines of code
https://github.com/skalenetwork/ima-c4-audit/blob/main/contracts/mainnet/MessageProxyForMainnet.sol#L205-L253 https://github.com/skalenetwork/ima-c4-audit/blob/main/contracts/mainnet/CommunityPool.sol#L82-L112
Vulnerability details
Impact
The
postIncomingMessages()
function is used to broadcast signed data indicating that a funds on an schain will be moved to mainnet. While the function performs proper signature verification, it doesn't prevent any arbitrary user from frontrunning the function with the same arguments. As a result, the caller will be entitled to any gas reimbursements.However, the
CommunityPool.refundGasByUser()
function usestx.gasprice
to determine the amount to deduct from the gas payer's wallet.tx.gasprice
can be easily manipulated by a miner at no additional cost to them as the transaction will always take up a fixed amount of block space. Therefore, a miner could frontrun the transaction with an extraordinarily hightx.gasprice
to receive increasedETH
as a gas reimbursement. This would be an effective form of Miner Extractable Value (MEV).Proof of Concept
postIncomingMessages()
withtx.gasprice
set to 100 gwei.tx.gasprice
to 1000 gwei.tx.gasprice
is set to, but they do not have to forfeit the cost of this.ETH
as the honest node operator would have received with no underlying cost. This can be abused to drain the wallets of all gas payers.Tools Used
Manual code review.
Recommended Mitigation Steps
Consider using
block.basefee
or similar to limit the degree by which miners can manipulate the gas price. It may also be useful to use a Chainlink oracle to verify that these values do not go outside of some predefined upper and lower boundaries.