c4-bot-1 closed 6 months ago
raymondfam marked the issue as insufficient quality report
raymondfam marked the issue as primary issue
QA at best in the absence of a practical/actual scenario. Additionally, arbitraging is a common practice in DeFi.
There is no argument on how users submitting UserOperations to the ERC-4337 mempool are more exposed to MEV attacks than sending transactions in the standard mempool, where the same practices described in the findings already commonly take place.
Seems more an argument about a systemic issue that would be better placed in an analysis report.
3docSec marked the issue as unsatisfactory: Insufficient proof
Lines of code
https://github.com/code-423n4/2024-03-coinbase/blob/27873bc8881bc79ea21d1868cb13b58ab58ffdbd/src\SmartWallet\CoinbaseSmartWallet.sol#L1-L336
https://github.com/code-423n4/2024-03-coinbase/blob/27873bc8881bc79ea21d1868cb13b58ab58ffdbd/src\MagicSpend\MagicSpend.sol#L1-L341
Vulnerability details
Impact
The exploitation of MEV by Bundlers can have detrimental effects on the smart wallet ecosystem, leading to financial losses for users through manipulated transaction ordering, eroding trust as transactions may not be processed equitably, and causing network congestion due to increased transaction volumes from Bundlers seeking to maximize MEV profits.
Proof of Concept
A Bundler is an entity that submits the transaction to the Blockchain network on behalf of the users. For the submission of the bundle transactions, the Bundler calls handleOps() of the Entrypoint.
To illustrate the impact of MEV on smart wallets, consider a scenario where a user submits a UserOp to swap tokens at a favorable rate. A Bundler, spotting an opportunity for profit, could:
- Front-run the user's swap by placing their own swap first, moving the market price against the user.
- Back-run the user's swap by placing a trade immediately after, benefiting from the price movement caused by the user's initial swap.
- Sandwich attack the user's swap by executing a buy order right before and a sell order right after the user's transaction, exploiting the price slippage.
- Censor the user's transaction if it's not profitable for the Bundler to include, or if including it would prevent the Bundler's own transactions from being as profitable.
- Manipulate gas prices by strategically ordering transactions to create artificial demand for block space, thus increasing gas prices.
The smart wallet submits the UserOp to the network, and the Bundler, acting as a miner, reorders the transactions within the block to maximize their own profits. The user's smart wallet, expecting a certain execution outcome, may end up with a worse rate or even a failed transaction due to the Bundler's actions. This demonstrates the potential risks and impacts of MEV on users and their smart wallets in an account abstraction framework. Go to the Security Consideration section.
Tools Used
Manual Review
Recommended Mitigation Steps
- Introduce Randomness: Implement mechanisms to introduce randomness in the order of transaction processing, making it more difficult for Bundlers to predict and exploit MEV opportunities.
- Time-Locks: Use time-lock mechanisms to delay the visibility of transactions, preventing immediate front-running and other MEV strategies.
- Rate Limiting: Implement rate limiting on UserOps submission to prevent rapid transaction sequences that could facilitate MEV attacks.
- Bundler Regulations: Create a set of rules or a code of conduct for Bundlers, potentially including a registration process to hold them accountable for their actions.
Assessed type
Error