While the issue mentioned in M-02 has been technically mitigated, the same attack can be performed in another function present in the wallet.
The report describes an attack in which a malicious relayer can force the failure of calls to tryCatch. The issue in this specific function has been mitigated, however the same attack can be performed in the function tryCatchLimit. This new issue is expanded in [adriro-NEW-M-01].
Lines of code
Vulnerability details
Mitigation of M-02: Issue partially mitigated, see comments
Link to Issue: https://github.com/code-423n4/2023-05-ambire-findings/issues/18
Comments
While the issue mentioned in M-02 has been technically mitigated, the same attack can be performed in another function present in the wallet.
The report describes an attack in which a malicious relayer can force the failure of calls to
tryCatch
. The issue in this specific function has been mitigated, however the same attack can be performed in the functiontryCatchLimit
. This new issue is expanded in [adriro-NEW-M-01].Assessed type
Other