code-423n4 / 2023-11-canto-findings


`asD` factory is vulnerable to re-org attack #375

Open c4-submissions opened 10 months ago

c4-submissions commented 10 months ago

Lines of code

https://github.com/code-423n4/2023-11-canto/blob/335930cd53cf9a137504a57f1215be52c6d67cb3/asD/src/asDFactory.sol#L34

Vulnerability details

Impact

The `create` function makes a new asD token using `create`, where the address derivation depends only on the asDFactory nonce. At the time of creation, a block reorg may be happening. They're not uncommon on EVM chains, including Canto, where this project will be deployed. A malicious user can use this to his advantage to steal funds from the initial creator.

Previous reports also contain more information on the issue: Frankencoin, Rabbithole, PoolTogether.

Proof of Concept

Alice creates an asD contract through the `create` function. Bob sees that the block reorg is happening and calls the same function with different parameters. Thus, it creates the asD contract with an address that Alice is supposed to have. Subsequently, any transactions conducted on Alice's asD contract (e.g. minting, burning, etc.) will be executed on the asD contract with Bob's provided parameters.

```solidity
    function create(string memory _name, string memory _symbol) external returns (address) {
        asD createdToken = new asD(_name, _symbol, msg.sender, cNote, owner());  //@note
        isAsD[address(createdToken)] = true;
        emit CreatedToken(address(createdToken), _symbol, _name, msg.sender);
        return address(createdToken);
    }
```

Tools Used

Manual code review

Recommended Mitigation Steps

Use `create2` instead of `create`, with a salt that depends on `msg.sender`.

Assessed type

Other
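The mitigation suggested in the report above (`create2` with a sender-bound salt), written out as an added example that is not the project's code. The `asD` contract here is a minimal stand-in that only mirrors the constructor signature visible in the snippet; the factory's `owner` is a plain state variable rather than the `Ownable` `owner()` call, and the `predictAddress` helper is an assumption added so the creator can check which address they will receive.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Stand-in for the real asD token so this example compiles alone. Only the
// constructor signature (name, symbol, creator, cNote, owner) matches the report.
contract asD {
    string public name;
    string public symbol;
    address public creator;
    address public cNote;
    address public owner;

    constructor(string memory _name, string memory _symbol, address _creator, address _cNote, address _owner) {
        name = _name; symbol = _symbol; creator = _creator; cNote = _cNote; owner = _owner;
    }
}

contract asDFactoryCreate2 {
    address public immutable cNote;
    address public immutable owner; // simplification of Ownable.owner()
    mapping(address => bool) public isAsD;

    event CreatedToken(address token, string symbol, string name, address creator);

    constructor(address _cNote) { cNote = _cNote; owner = msg.sender; }

    // The salt binds the address to the caller (plus name and symbol so one
    // creator can deploy several tokens). After a reorg, a different sender
    // replaying the call lands at a different address, not Alice's.
    function _salt(address creator, string memory _name, string memory _symbol) internal pure returns (bytes32) {
        return keccak256(abi.encodePacked(creator, _name, _symbol));
    }

    function create(string memory _name, string memory _symbol) external returns (address) {
        bytes32 salt = _salt(msg.sender, _name, _symbol);
        // create2: address = f(factory, salt, initcode) instead of f(factory, nonce)
        asD createdToken = new asD{salt: salt}(_name, _symbol, msg.sender, cNote, owner);
        isAsD[address(createdToken)] = true;
        emit CreatedToken(address(createdToken), _symbol, _name, msg.sender);
        return address(createdToken);
    }

    // Assumed helper: lets a creator (or frontend) precompute and later verify its address.
    function predictAddress(address creator, string memory _name, string memory _symbol) external view returns (address) {
        bytes32 initCodeHash = keccak256(abi.encodePacked(type(asD).creationCode, abi.encode(_name, _symbol, creator, cNote, owner)));
        bytes32 h = keccak256(abi.encodePacked(bytes1(0xff), address(this), _salt(creator, _name, _symbol), initCodeHash));
        return address(uint160(uint256(h)));
    }
}
```

Note that with this salt a second `create` by the same sender with the same name and symbol reverts, since the address is already occupied.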

c4-pre-sort commented 10 months ago

minhquanym marked the issue as duplicate of #313

c4-judge commented 10 months ago

MarioPoneder changed the severity to QA (Quality Assurance)

c4-judge commented 10 months ago

MarioPoneder marked the issue as grade-c

c4-judge commented 10 months ago

MarioPoneder marked the issue as grade-b