0age
commented
1 year ago contested; order status is checked 🙃
Closed code423n4 closed 1 year ago
0age
commented
1 year ago contested; order status is checked 🙃
c4-judge
commented
1 year ago HickupHH3 marked the issue as unsatisfactory: Insufficient quality
Lines of code
https://github.com/ProjectOpenSea/seaport/blob/5de7302bc773d9821ba4759e47fc981680911ea0/contracts/lib/Verifiers.sol#L71
Vulnerability details
Impact
The code does not check for the possibility of a replay attack on the contract, if the same order hash is being used multiple times
Proof of Concept
A replay attack is a type of attack where an attacker intercepts a valid transaction and resends it multiple times, potentially causing unintended actions to occur on the contract.
In the provided code, the _verifySignature function https://github.com/ProjectOpenSea/seaport/blob/5de7302bc773d9821ba4759e47fc981680911ea0/contracts/lib/Verifiers.sol#L71 accepts an order hash as an input and does not check if the same order hash has been used before. If an attacker intercepts a valid order and resends the same order hash multiple times, the contract will process the order again and again, leading to unintended actions such as multiple execution of the same order.
suppose an order is created with a valid signature from the offerer and an order hash. An attacker intercepts the order hash and resends it multiple times to the contract, the contract will process the order multiple times, leading to unintended actions such as multiple execution of the same order and potentially resulting in the loss of assets.
Tools Used
Recommended Mitigation Steps
contract could store the order hashes of all processed orders and check if an incoming order hash has already been processed before. If the same order hash is used multiple times, the contract would reject it and return an error message. This would prevent replay attacks from being successful.