Description:Description:
Any token that implements a hook can be used to spam transactions (TX) with the same nonce. This, of course, will break off-chain components and cause a denial-of-service (DOS) attack.
Attack Scenario:
Alice wants to launch a DOS attack and break the bridge.
Alice observes that an ERC777 token is allowed.
Alice creates her spam contract and spams transactions with the same nonce.
Github username: -- Twitter username: -- Submission hash (on-chain): 0x98913dd95f49316867564c2e2676f6fb930d5ea3d0faad57527df9e785ec6c21 Severity: medium
Description: Description: Any token that implements a hook can be used to spam transactions (TX) with the same nonce. This, of course, will break off-chain components and cause a denial-of-service (DOS) attack.
Attack Scenario:
Alice wants to launch a DOS attack and break the bridge.
Alice observes that an ERC777 token is allowed.
Alice creates her spam contract and spams transactions with the same nonce.
Proof of Concept (PoC) File
You must install OZ in order to work
Use non-reentrant.