Closed c4-bot-4 closed 1 month ago
@thereksfour This is basically cross chain replay attack by malicious decelerator due to not adding block.chainid
in hash creation. Past occurrences of this issue: https://solodit.xyz/issues/cross-chain-replay-attack-vulnerability-in-beanstalks-l2contractmigrationfacet-codehawks-beanstalk-the-finale-git
https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/EIP712.sol Check out the _hashTypedDataV4 implementation, where the chainID is already included
Lines of code
https://github.com/code-423n4/2024-07-reserve/blob/main/contracts/p1/StRSRVotes.sol#L176
Vulnerability details
Vulnerability details
The
delegateBySig
function is part of a contract that allows for delegation of voting power using off-chain signed messages. But here malicious delegatee able to re use the signer signature for other chain also. Past occurrences of this issue: https://solodit.xyz/issues/cross-chain-replay-attack-vulnerability-in-beanstalks-l2contractmigrationfacet-codehawks-beanstalk-the-finale-gitProof of Concept
Implementation of
delegateBySig
function as follows. Here its not used block.chainid for the hashing. So cross chain replay is possible.Another instances of this issue on permit function in the StRSR.sol as well.
Impact
A malicious user could exploit the vulnerability by reusing the signer's signature to transfer voting power to themselves, potentially leading to a governance attack.
Tools Used
Manual Review
Recommended Mitigation Steps
Use block.chainid in the hash creation.
Assessed type
Other