Closed c4-bot-9 closed 5 months ago
minhquanym marked the issue as sufficient quality report
The Cert chain follows this architecture: (from: https://download.01.org/intel-sgx/sgx-dcap/1.9/linux/docs/Intel_SGX_PCK_Certificate_CRL_Spec-1.4.pdf)
so this n is forced to be 3 when enter this function which is pre-checked in input validation phase. Then the n-1(certChain[2]) which is the intel ROOT CA is never revoked, and we only need to check the n-2(certChain[1]) the ROOT signed revoked list & n-3(certChain[0]) the PCK signed revoded list.
dantaik (sponsor) disputed
Certificate array length is 1
Warden doesn't show how this expected state will be reached based on the design. I think QA is probably more appropriate based on this fact
0xean changed the severity to QA (Quality Assurance)
0xean marked the issue as grade-c
Lines of code
https://github.com/code-423n4/2024-03-taiko/blob/main/packages/protocol/contracts/automata-attestation/AutomataDcapV3Attestation.sol#L263-L271 https://github.com/code-423n4/2024-03-taiko/blob/main/packages/protocol/contracts/automata-attestation/AutomataDcapV3Attestation.sol#L300 https://github.com/code-423n4/2024-03-taiko/blob/main/packages/protocol/contracts/automata-attestation/AutomataDcapV3Attestation.sol#L84
Vulnerability details
Impact
Invalid Verification of Certificate Chain as Revoked certificate would pass though verification unchecked when Certificate array length is 1 or when the last Certificate in the certs Array is a Revoked Certificate
Proof of Concept
The function above from the AutomataDcapV3Attestation contract shows how certificate are revoked by owner using their serial number. While the pointers in the _verifyCertChain(...) function from code provided below from the same contract shows how this certificates are checked to ensure they are not revoked, this can be noted from the very first pointer i.e
certRevoked
. if any of the cert in the array is a revoked one, the verification returns false. From the implementation in the contract, under the circumstance that certRevoked is true the verification returns false i.e failed verification as noted from the implementation in the last pointer. The problem is that whenever the certs array is just 1 no check is done to see if this lone cert is a revoked cert, which meanscertRevoked
will use the default value of false when it should actually be true. A deep analysis of the function also shows that when the certs array length is more than 1 and the last cert in the array is a revoked one, it would not go though validation which would allow verification when certificate is actually revokedTools Used
Manual Review
Recommended Mitigation Steps
As adjusted in the code below Protocol should make sure a Certification validation is done for certs under every circumstances.
Assessed type
Invalid Validation