Closed c4-bot-5 closed 4 months ago
saxenism (sponsor) disputed
Considered invalid because the offset is just a pointer to memory; the memory contains the actual data, including the unique identifier. txDataOffset is a memory pointer calculated from txPtr for every transaction in a batch. Here is a reference for the code section. Thus it will be unique for every transaction.
razzorsec marked the issue as disagree with severity
razzorsec marked the issue as agree with severity
The Warden specifies that the generated canonical L1 transaction hashes may result in collisions due to the usage of a txDataOffset that may be the same between transactions.
As the Sponsor has correctly clarified, the txDataOffset is precisely what its name implies: an offset from which data is read to generate the hash. As this data will be different between transactions, whether the offset is the same or not has no bearing on the resulting transaction hash's uniqueness.
alex-ppg marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2024-03-zksync/blob/4f0ba34f34a864c354c7e8c47643ed8f4a250e13/code/system-contracts/bootloader/bootloader.yul#L692-L707
Vulnerability details
Impact
Function getCanonicalL1TxHash() returns a canonical hash of the L1->L2 transaction that will be sent to L1 as a message to the L1 contract that a certain operation has been processed. Since it accepts just a txDataOffset, two different transactions with the same offset will return the same hash.
Proof of Concept
File: bootloader.yul
Let's consider two different L1->L2 transactions with the same offset. Since for both transactions the offset is the same, the parameter txDataOffset will be the same for function getCanonicalL1TxHash(). This leads to the conclusion that getCanonicalL1TxHash() will return the same hash for two different transactions when their offsets are the same.
Tools Used
Manual code review
Recommended Mitigation Steps
Refactor getCanonicalL1TxHash() so that it contains an additional parameter, nonce. This nonce should also be used for the hash calculation. Adding the additional parameter nonce will make sure that getCanonicalL1TxHash() returns different hashes even for transactions with the same txDataOffset.
Assessed type
Other
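The sponsor's and judge's point above (the offset is only a pointer; the hash covers the bytes found at that pointer, and those bytes already carry the transaction's nonce), as an added Python model that is not part of the finding, the sponsor's reply, or the zkSync bootloader code. Assumptions: hashlib.sha3_256 stands in for keccak256, the transaction field layout and the offsets 0x200 and 0x600 are illustrative, and get_canonical_l1_tx_hash mirrors only the structure described in the thread (a length read from memory just after the offset, then a hash over that region).

```python
import hashlib

WORD = 32


def keccak_stand_in(data: bytes) -> bytes:
    """Stand-in for the EVM's keccak256 (assumption: hashlib's sha3_256 uses
    NIST padding, so digests differ from real keccak256, but the uniqueness
    argument demonstrated here is the same)."""
    return hashlib.sha3_256(data).digest()


def word(value: int) -> bytes:
    """Encode an integer as one big-endian 32-byte EVM word."""
    return value.to_bytes(WORD, "big")


def pad_to_word(data: bytes) -> bytes:
    """Right-pad bytes with zeros to a multiple of 32, as ABI encoding does."""
    padded_len = (len(data) + WORD - 1) // WORD * WORD
    return data.ljust(padded_len, b"\x00")


def encode_l1_tx(tx_type: int, sender: int, to: int, nonce: int,
                 value: int, calldata: bytes) -> bytes:
    """Simplified ABI-style encoding of an L1->L2 transaction.

    Assumption: the field set and order are illustrative, not the
    bootloader's exact struct layout. What matters for the thread is that
    the nonce (the unique identifier) is part of the encoded bytes.
    Layout: [ABI offset word = 32][length word][struct fields...]
    """
    body = b"".join([
        word(tx_type), word(sender), word(to), word(nonce), word(value),
        word(len(calldata)), pad_to_word(calldata),
    ])
    length_word = word(WORD + len(body))  # counts itself plus the struct
    return word(WORD) + length_word + body


class BootloaderMemory:
    """Flat byte-addressed memory standing in for the bootloader's memory."""

    def __init__(self, size: int = 4096) -> None:
        self.mem = bytearray(size)

    def mstore_bytes(self, offset: int, data: bytes) -> None:
        self.mem[offset:offset + len(data)] = data

    def mload(self, offset: int) -> int:
        return int.from_bytes(self.mem[offset:offset + WORD], "big")


def get_canonical_l1_tx_hash(mem: BootloaderMemory, tx_data_offset: int) -> bytes:
    """Model of the function the thread discusses: the offset is only a
    pointer, never a hash input. The hash covers the bytes at the pointer,
    whose length is read from memory at tx_data_offset + 32."""
    inner_tx_data_offset = tx_data_offset + WORD
    data_length = WORD + mem.mload(inner_tx_data_offset)
    region = bytes(mem.mem[tx_data_offset:tx_data_offset + data_length])
    return keccak_stand_in(region)


def demo() -> dict:
    """Constructed scenario: two transactions differing only in nonce are
    processed one after another at the same txDataOffset, and one of them
    is also placed at a different offset."""
    mem = BootloaderMemory()
    tx_data_offset = 0x200   # hypothetical slot reused for each tx in the batch
    other_offset = 0x600     # hypothetical second slot

    tx_a = encode_l1_tx(tx_type=255, sender=0xAAAA, to=0xBBBB,
                        nonce=1, value=0, calldata=b"\x12\x34")
    tx_b = encode_l1_tx(tx_type=255, sender=0xAAAA, to=0xBBBB,
                        nonce=2, value=0, calldata=b"\x12\x34")

    mem.mstore_bytes(tx_data_offset, tx_a)
    hash_a = get_canonical_l1_tx_hash(mem, tx_data_offset)

    mem.mstore_bytes(tx_data_offset, tx_b)   # same offset, different data
    hash_b_same_offset = get_canonical_l1_tx_hash(mem, tx_data_offset)

    mem.mstore_bytes(other_offset, tx_b)     # same data, different offset
    hash_b_other_offset = get_canonical_l1_tx_hash(mem, other_offset)

    return {
        "a": hash_a,
        "b_same_offset": hash_b_same_offset,
        "b_other_offset": hash_b_other_offset,
    }


if __name__ == "__main__":
    for name, digest in demo().items():
        print(f"{name}: {digest.hex()}")
```

Two transactions that differ only in nonce, written to the same offset in turn, hash differently; the same encoded transaction placed at two different offsets hashes identically. That is the behaviour the judge describes: the offset's value has no bearing on the hash, the bytes it points at do.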