Closed: code423n4 closed this issue 1 year ago
InterchainProposalSender does not transfer tokens but emits the payload for the execution on the destination chain.
Invalid assumption.
0xSorryNotSorry marked the issue as low quality report
berndartmueller marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-07-axelar/blob/main/contracts/interchain-governance-executor/InterchainProposalSender.sol#L88
Vulnerability details
Impact
The protocol will lose the funds that the user sent to the origin chain InterchainProposalSender contract for the proposal.
Proof of Concept
When a proposal gets submitted it gets reviewed by validators on the Axelar network and then receives a validation on the destination chain so it can get executed by the execution contract there. The issue here arises because of chain reorgs, which happen on certain chains relatively frequently. For example, Polygon has multiple chain reorgs daily, and most of them have a depth of more than 1 block. One of the longest block reorgs that happened recently on Polygon even had a depth of 157 blocks (6 minutes).
https://forum.polygon.technology/t/157-block-reorg-at-block-height-39599624/11388
https://polygonscan.com/blocks_forked
The validation of transactions with Polygon as an origin chain takes 6-7 minutes on average. This is just over the amount of time the reorg mentioned above took.
Take the following scenario into account:
Tools Used
Manual Review
Recommended Mitigation Steps
I am not exactly sure what can be done to prevent it on the protocol's side other than increasing the validation wait times further.
Assessed type
Other