Open c4-submissions opened 1 year ago
0xA5DF marked the issue as duplicate of #179
0xA5DF marked the issue as sufficient quality report
alcueca changed the severity to G (Gas Optimization)
alcueca marked the issue as grade-a
alcueca marked the issue as selected for report
alcueca marked issue #179 as primary and marked this issue as a duplicate of 179
Lines of code
https://github.com/code-423n4/2023-09-maia/blob/main/src/RootBridgeAgent.sol#L946
Vulnerability details
Description
In RootBridgeAgent.sol, when a fallback call is performed, the corresponding message is transmitted via the LayerZero protocol. This call does not specify a gas amount for the transaction. That means that, currently, the LayerZero protocol gives 200.000 gas for the transaction on the destination chain.
However, in future versions of either the blockchain or the LayerZero protocol, the required execution cost and the default provided gas value might change. In that case, the fallback call in BranchBridgeAgent.sol will fail and the user deposit will have an incorrect status due to line 686 not being executed. As a result, the deposit will not be redeemable and users will lose their funds.
Note that this also contradicts the integration checklist of the LayerZero protocol. According to LayerZero documentation:
Recommended Mitigation Steps
We recommend following LayerZero recommendations and passing the required gas amount for a fallback as a parameter in the adapterParams struct. The actual gas amount might be stored in the contract as a parameter that might be changed by governance in the future if needed.
Assessed type
Other
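One way to implement the recommended mitigation, shown as an added example that is not code from the Maia repository or from the report. The names FallbackGasConfig, governance, fallbackGasLimit, setFallbackGasLimit and _sendFallback are hypothetical; the send signature and the version-1 adapterParams layout (uint16 version followed by uint256 gas) are those of the LayerZero v1 endpoint.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Slice of the LayerZero v1 endpoint interface needed for sending.
interface ILayerZeroEndpoint {
    function send(
        uint16 _dstChainId,
        bytes calldata _destination,
        bytes calldata _payload,
        address payable _refundAddress,
        address _zroPaymentAddress,
        bytes calldata _adapterParams
    ) external payable;
}

// Hypothetical base contract: keeps the fallback gas amount in storage so
// governance can raise it if execution costs or LayerZero defaults change.
abstract contract FallbackGasConfig {
    ILayerZeroEndpoint public immutable endpoint;
    address public immutable governance; // assumed admin role
    uint256 public fallbackGasLimit;     // gas requested on the destination chain

    event FallbackGasLimitUpdated(uint256 oldLimit, uint256 newLimit);

    constructor(address _endpoint, address _governance, uint256 _initialGas) {
        require(_initialGas != 0, "gas limit is zero");
        endpoint = ILayerZeroEndpoint(_endpoint);
        governance = _governance;
        fallbackGasLimit = _initialGas;
    }

    function setFallbackGasLimit(uint256 _newLimit) external {
        require(msg.sender == governance, "not governance");
        require(_newLimit != 0, "gas limit is zero");
        emit FallbackGasLimitUpdated(fallbackGasLimit, _newLimit);
        fallbackGasLimit = _newLimit;
    }

    // adapterParams version 1: abi.encodePacked(uint16 version, uint256 gas).
    function fallbackAdapterParams() public view returns (bytes memory) {
        return abi.encodePacked(uint16(1), fallbackGasLimit);
    }

    // Sends the fallback message with an explicit gas amount instead of
    // empty adapterParams, which would fall back to the endpoint default.
    function _sendFallback(uint16 _dstChainId, bytes memory _path, bytes memory _payload,
        address payable _refundee, uint256 _nativeFee) internal {
        endpoint.send{value: _nativeFee}(_dstChainId, _path, _payload, _refundee, address(0), fallbackAdapterParams());
    }
}
```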