code-423n4 / 2023-01-biconomy-findings


Front-running of the relayer's transaction #508

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-01-biconomy/blob/5df2e8f8c0fd3393b9ecdad9ef356955f07fbbdd/scw-contracts/contracts/smart-contract-wallet/aa-4337/core/EntryPoint.sol#L68

Vulnerability details

Description

While the relayer has a positive outcome from the execution of some of the user operations (through gas refund), it is profitable for the attacker to front-run such transactions with a full copy of them. In such a case the attacker receives a positive outcome and, in parallel, performs a griefing attack on the gas spent by the original relayer.

Impact

Possibility of front-running the relayer's transaction with incentives for the attacker. In parallel, it is a griefing attack on the gas spent by the relayer.

Recommended Mitigation Steps

Add the possibility of signing the address of the relayer to have protection against such types of attacks. It is reasonable to maintain the possibility of an arbitrary relayer with signedExecutor equal to address(0).
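
One way the recommended mitigation could look, as an added example that is not part of the original submission or of the Biconomy code base. The contract, struct and function names are hypothetical; only `signedExecutor` and its `address(0)` wildcard come from the text above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Hypothetical minimal wallet: the owner's signature covers the relayer address.
contract RelayerBoundWallet {
    struct Op { address to; uint256 value; bytes data; address signedExecutor; }

    // secp256k1 group order divided by two; signatures with a higher s are malleable.
    uint256 private constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    address public immutable owner;
    uint256 public nonce;

    constructor(address _owner) {
        owner = _owner;
    }

    // Digest the owner signs. signedExecutor is inside it, so a copied
    // transaction cannot name a different relayer without invalidating the signature.
    function digest(Op calldata op, uint256 opNonce) public view returns (bytes32) {
        bytes32 inner = keccak256(abi.encode(
            block.chainid, address(this),
            op.to, op.value, keccak256(op.data), opNonce, op.signedExecutor
        ));
        return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", inner));
    }

    function execute(Op calldata op, uint8 v, bytes32 r, bytes32 s)
        external returns (bytes memory)
    {
        // address(0) keeps the "any relayer" mode; otherwise only the signed relayer may submit.
        require(op.signedExecutor == address(0) || op.signedExecutor == msg.sender, "wrong relayer");
        require(uint256(s) <= HALF_N, "malleable signature");
        address signer = ecrecover(digest(op, nonce), v, r, s);
        require(signer != address(0) && signer == owner, "bad signature");
        nonce++; // consume the nonce before the external call
        (bool ok, bytes memory ret) = op.to.call{value: op.value}(op.data);
        require(ok, "call failed");
        return ret;
    }

    receive() external payable {}
}
```

With a non-zero `signedExecutor`, a resubmission of the same operation from any other address reverts at the first `require`, before any state change or refund logic would run.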

c4-judge commented 1 year ago

gzeon-c4 marked the issue as duplicate of #90

c4-sponsor commented 1 year ago

livingrockrises marked the issue as sponsor acknowledged

c4-judge commented 1 year ago

gzeon-c4 marked the issue as unsatisfactory: Invalid