Vulnerability details
The Go code for parsing events from the THORChain Router contract is missing handling for the TransferOutAndCallV5 event. This event is crucial for processing V5 transactions correctly, and its absence could lead to initiating incorrect outbound transactions from vaults or other accounting issues in THORChain.
Impact
Because this event handling is missing, any transaction involving the TransferOutAndCallV5 event will not be correctly processed or recorded by the parsing code. This could lead to incorrect balances, misattributed transactions, or other inconsistencies in the system, including failure to initiate outbound transactions to the Layer-1 chain.
Proof of Concept
The relevant code snippet from the provided Go code is missing handling for the TransferOutAndCallV5 event. This event should be handled similarly to other events, with a dedicated parsing function that extracts relevant information such as the sender, receiver, amount, and other necessary data.
Recommended Mitigation Steps
To mitigate this vulnerability, the missing event handling for TransferOutAndCallV5 should be implemented in the Go code. The missing event handling code should look something like this:
```go
// THORChainRouterTransferOutAndCallV5 receives the unpacked fields of the
// TransferOutAndCallV5 router event.
type THORChainRouterTransferOutAndCallV5 struct {
	// Define the structure of the event fields here
}

// parseTransferOutAndCallV5 unpacks a TransferOutAndCallV5 log into its event struct.
func (scp *SmartContractLogParser) parseTransferOutAndCallV5(log etypes.Log) (*THORChainRouterTransferOutAndCallV5, error) {
	const TransferOutAndCallV5EventName = "TransferOutAndCallV5"
	event := new(THORChainRouterTransferOutAndCallV5)
	if err := scp.unpackVaultLog(event, TransferOutAndCallV5EventName, log); err != nil {
		return nil, err
	}
	return event, nil
}
```
This function should be added as a method on the existing SmartContractLogParser struct, alongside the other event parsing functions.
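A coverage check that would flag this kind of gap, as an added example (not code from the report or from THORChain): it compares the events declared in a contract ABI with the event names a log parser handles. The ABI fragment, the handler set and the `CoverageGaps` name are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// Constructed ABI fragment (inputs left empty); not the real router ABI.
const sampleRouterABI = `[
 {"type":"function","name":"depositWithExpiry","inputs":[]},
 {"type":"event","name":"Deposit","inputs":[]},
 {"type":"event","name":"TransferOut","inputs":[]},
 {"type":"event","name":"TransferOutAndCallV5","inputs":[]}
]`

// CoverageGaps returns the events declared in the ABI that have no handler
// (missing) and the handled names the ABI does not declare (stale), both sorted.
func CoverageGaps(abiJSON []byte, handled map[string]bool) (missing, stale []string, err error) {
	// encoding/json matches the lowercase "type" and "name" keys case-insensitively.
	var entries []struct{ Type, Name string }
	if err = json.Unmarshal(abiJSON, &entries); err != nil {
		return nil, nil, fmt.Errorf("parse ABI: %w", err)
	}
	declared := map[string]bool{}
	for _, e := range entries {
		if e.Type == "event" {
			declared[e.Name] = true
		}
	}
	for name, ok := range handled {
		if ok && !declared[name] {
			stale = append(stale, name)
		}
	}
	for name := range declared {
		if !handled[name] {
			missing = append(missing, name)
		}
	}
	sort.Strings(missing)
	sort.Strings(stale)
	return missing, stale, nil
}

func main() {
	// Hypothetical handler set of a parser that lacks the V5 event.
	fmt.Println(CoverageGaps([]byte(sampleRouterABI), map[string]bool{"Deposit": true, "TransferOut": true}))
}
```

Run as a unit test against the deployed router's ABI, a non-empty `missing` list fails the build before an unparsed event reaches production.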
Lines of code
https://github.com/code-423n4/2024-06-thorchain/blob/e3fd3c75ff994dce50d6eb66eb290d467bd494f5/bifrost/pkg/chainclients/shared/evm/smartcontract_log_parser.go#L166
https://github.com/code-423n4/2024-06-thorchain/blob/main/bifrost/pkg/chainclients/shared/evm/smartcontract_log_parser.go
Tools Used
Manual Review
Assessed type
Other