code-423n4 / 2024-03-phala-network-findings


Possible denial-of-service attacks due to hardcoded gas limits #12

Closed c4-bot-10 closed 3 months ago

c4-bot-10 commented 4 months ago

Lines of code

https://github.com/code-423n4/2024-03-phala-network/blob/a01ffbe992560d8d0f17deadfb9b9a2bed38377e/phala-blockchain/crates/pink/runtime/src/capi/ecall_impl.rs#L296-L304

Vulnerability details

Impact

The impact of this vulnerability is significant as it can lead to denial-of-service attacks or inefficient resource allocation within the blockchain network. Inaccurate gas limits may result in transactions being unable to execute due to insufficient gas or excessive gas consumption leading to inefficient use of resources.

Proof of Concept

The gas limit sanitization mechanism implemented in the sanitize_args function is susceptible to inadequacy due to hardcoded gas limits. Although the function attempts to mitigate gas usage by setting limits based on the execution mode, the fixed gas thresholds may not adequately reflect the true resource requirements of the executed operations. Here's a snippet of the relevant code:

fn sanitize_args(mut args: TransactionArguments, mode: ExecutionMode) -> TransactionArguments {
    const GAS_PER_SECOND: u64 = WEIGHT_REF_TIME_PER_SECOND * 5;
    let gas_limit = match mode {
        ExecutionMode::Transaction | ExecutionMode::Estimating => GAS_PER_SECOND / 2,
        ExecutionMode::Query => GAS_PER_SECOND * 10,
    };
    args.gas_limit = args.gas_limit.min(gas_limit);
    args
}

In this implementation, the gas limit is calculated based on a predefined constant GAS_PER_SECOND, which is multiplied by a factor to determine the gas limit for different execution modes. However, these factors are hardcoded and might not accurately reflect the actual resource requirements of the executed operations. This vulnerability could potentially lead to underestimation or overestimation of gas limits, resulting in denial-of-service attacks due to insufficient gas or inefficient resource allocation due to excessive gas consumption.

Tools Used

Manual

Recommended Mitigation Steps

Instead of using hardcoded values, the gas limit should be dynamically adjusted based on factors such as transaction complexity, contract size, and network conditions.

Assessed type

DoS

c4-pre-sort commented 3 months ago

141345 marked the issue as insufficient quality report

141345 commented 3 months ago

Hardcoded gas limit. Seems to be a misunderstanding of the gas limit calculation.

c4-judge commented 3 months ago

OpenCoreCH marked the issue as unsatisfactory: Invalid
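
Added example (not part of the original report or of the Phala code base): a stand-alone version of the quoted `sanitize_args`, showing how `min` treats the per-mode constants as an upper bound on the caller-supplied `gas_limit`. The value of `WEIGHT_REF_TIME_PER_SECOND`, the one-field `TransactionArguments`, and the helpers `gas_cap` and `was_clamped` are assumptions made for illustration.

```rust
// Added example: stand-in types so the snippet quoted in the report runs on its own.
// ASSUMPTION: value of WEIGHT_REF_TIME_PER_SECOND (10^12, as in Substrate's sp_weights).
const WEIGHT_REF_TIME_PER_SECOND: u64 = 1_000_000_000_000;
const GAS_PER_SECOND: u64 = WEIGHT_REF_TIME_PER_SECOND * 5;

#[derive(Clone, Copy, Debug, PartialEq)]
enum ExecutionMode { Query, Estimating, Transaction }

// Hypothetical reduced struct: only the field that sanitize_args touches.
#[derive(Clone, Copy, Debug, PartialEq)]
struct TransactionArguments { gas_limit: u64 }

/// Per-mode ceiling, same arithmetic as the quoted snippet (helper name is hypothetical).
fn gas_cap(mode: ExecutionMode) -> u64 {
    match mode {
        ExecutionMode::Transaction | ExecutionMode::Estimating => GAS_PER_SECOND / 2,
        ExecutionMode::Query => GAS_PER_SECOND * 10,
    }
}

/// Same behaviour as the quoted function: the caller's limit is only ever lowered.
fn sanitize_args(mut args: TransactionArguments, mode: ExecutionMode) -> TransactionArguments {
    args.gas_limit = args.gas_limit.min(gas_cap(mode));
    args
}

/// True when the cap lowered the caller's request (hypothetical helper).
fn was_clamped(requested: u64, mode: ExecutionMode) -> bool {
    sanitize_args(TransactionArguments { gas_limit: requested }, mode).gas_limit < requested
}

fn main() {
    // Constructed sample requests: small, exactly at the transaction cap,
    // one unit above it, and the largest representable value.
    let requests = [1_000_000u64, GAS_PER_SECOND / 2, GAS_PER_SECOND / 2 + 1, u64::MAX];
    for mode in [ExecutionMode::Transaction, ExecutionMode::Estimating, ExecutionMode::Query] {
        for req in requests {
            let out = sanitize_args(TransactionArguments { gas_limit: req }, mode);
            println!("{:?}: requested {} -> effective {} (clamped: {})",
                     mode, req, out.gas_limit, was_clamped(req, mode));
        }
    }
}
```

Requests at or below the ceiling pass through unchanged, and only larger ones, including `u64::MAX`, are reduced to the ceiling for the given mode.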